+

WO1999060749A1 - Systeme de partage d'informations - Google Patents

Systeme de partage d'informations Download PDF

Info

Publication number
WO1999060749A1
WO1999060749A1 PCT/JP1999/002510 JP9902510W WO9960749A1 WO 1999060749 A1 WO1999060749 A1 WO 1999060749A1 JP 9902510 W JP9902510 W JP 9902510W WO 9960749 A1 WO9960749 A1 WO 9960749A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
team
list
encryption
key
Prior art date
Application number
PCT/JP1999/002510
Other languages
English (en)
Japanese (ja)
Other versions
WO1999060749A8 (fr
Inventor
Tatsuma Ohkubo
Shouichi Toyoda
Kazunari Nakane
Tetsu Saburi
Naoto Oki
Original Assignee
Mitsubishi Materials Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from JP10135502A external-priority patent/JPH11331145A/ja
Priority claimed from JP10227410A external-priority patent/JP2000059358A/ja
Priority claimed from JP10307658A external-priority patent/JP2000134195A/ja
Priority claimed from JP10309223A external-priority patent/JP2000137435A/ja
Priority claimed from JP10372187A external-priority patent/JP2000196583A/ja
Priority claimed from JP11029384A external-priority patent/JP2000227879A/ja
Application filed by Mitsubishi Materials Corporation filed Critical Mitsubishi Materials Corporation
Priority to EP99919583A priority Critical patent/EP1083699A1/fr
Publication of WO1999060749A1 publication Critical patent/WO1999060749A1/fr
Publication of WO1999060749A8 publication Critical patent/WO1999060749A8/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/601Broadcast encryption

Definitions

  • the present invention relates to an information sharing system for preventing information from being viewed or falsified, an information processing method thereof, and a recording medium for the purpose of information sharing among a plurality of users.
  • DES Data Encryption Standard
  • an object of the present invention is to provide an information sharing system and an information processing method thereof that can prevent a database that stores encrypted information, an administrator of a server, a file system, or the like from seeing or falsifying information.
  • Another object of the present invention is to provide a recording medium.
  • an object is to provide an information sharing system that employs a common key encryption method and a public key encryption method and is capable of sharing a common key with at least a group, and that is accessed by at least a plurality of members.
  • An information storage device capable of storing at least a digital signature of the team master, a member list including the public key information, a common key list including the encryption key information, and an encrypted data.
  • a storage unit that stores at least one member's public key that can be viewed, and encrypts input information based on the above common key encryption method that uses a common key for encrypting information to generate encrypted data.
  • An encryption unit for encrypting a common key used for encryption with a designated public key stored in the storage unit, and an encryption key generation unit for generating an encryption key;
  • the key and the encrypted data and the transfer section for transferring in the information storage device, said information storage device From the member list, determines whether the digital signature of the team master of the relevant member list matches the specified digital signature, and registers the public key of the member to be added only when they match.
  • the public key of the member who will be resigned is deleted, and in the case of additional registration or deletion, a new member list including at least the digital signature of the team master and member public key information is created and stored in the above information storage device
  • the desired encryption key information and encrypted data are obtained from the list management unit to be transferred and the information storage device, the common key is decrypted from the encryption key information, and the encryption obtained using the decrypted common key is obtained.
  • This can be achieved by a device called an information sharing system including an encryption / decryption device having a decryption unit for decrypting data.
  • the shared key can be shared by the group, and there is no possibility that the contents of the information can be seen by the administrator of the database storing the encrypted data, the server, and the file system.
  • the object is to provide a sender terminal installed on the sender side, and a receiver terminal connected to the sender terminal via a network and installed on the receiver side.
  • An information tampering detection device for transmitting and receiving information between the sender terminal and the receiver terminal and detecting tampering of the information, wherein the receiver terminal has received the information.
  • a reception content confirmation information creating unit that creates confirmation information
  • a transmission unit that transmits the reception content confirmation information via the network
  • the reception content confirmation information via the network is a reception content confirmation information via the network.
  • Information tampering detection device comprising: a reception unit that receives the information; and a tampering detection unit that compares the information transmitted from the sender side terminal with the reception content confirmation information and detects tampering based on the comparison result. To More it is achieved in the apparatus.
  • the object is to provide an encryption device including a key encryption unit and an encryption unit, wherein the key encryption unit uses a common key encryption method to perform encryption using a common key.
  • a common key obtaining unit that obtains or generates a common key
  • a common key encrypting unit that encrypts the common key using a public key cryptosystem and uses the common key as an encryption key, and key information that is used for detecting common key falsification from the common key.
  • a first common key falsification detection information generating unit for generating a ciphertext, wherein the encrypting unit encrypts the plaintext using the common key to form a ciphertext, and a first data falsification from the plaintext.
  • This can be achieved by a device called an encryption device comprising a first data tampering detection information creation unit for creating detection information.
  • tampering detection information is not created for each plaintext, but key information serving as tampering detection information is created for a common key that encrypts each plaintext, and tampering detection and the common key creator's Since identification is possible, the overhead of encrypted information obtained by encrypting information can be reduced. Therefore, it is possible to reduce the load on the network at the time of transferring the encrypted information and the capacity of the storage device required for storing the encrypted information. Further, according to the present invention, the object is to provide a team data list management device that manages a team data list for hierarchizing teams, and sends an operation request of the team data list to a predetermined request destination.
  • the team master of the root team by the user A team data list changing unit for making a change in accordance with the operation request to the team data list whose validity has been confirmed by the validity checking unit; and Create a digital signature of the instructor who made the request, attach the digital signature to the modified team data list, and send it to the request destination Et achieved by the apparatus of the team data list management apparatus and a digital signature unit is.
  • a sub-team can be created under each team by using a team data list including an authority list and authority data, and a hierarchical team is constructed. be able to.
  • the object is to provide an encryption information creation apparatus for creating encryption information including encrypted information obtained by encrypting information to be transmitted, and a member including a public key of one of the members to be distributed in broadcast communication.
  • a member list management device that manages the list, an encryption information decryption device that decrypts the encrypted information, and encryption information transmitted from the encryption information creation device, and the symbol information is received.
  • a member list management device in a broadcast communication system comprising: an information relay device that distributes the encrypted information to one or more cryptographic information decryption devices based on the member list;
  • This can be achieved by a device called a member list management device including a list creation unit for creating a member list including public keys of one or more members, and a public key management unit for acquiring and storing the public key.
  • the information encrypted by the information relay device is decrypted.
  • the system does not have such a mechanism, so it is possible to prevent the contents of the broadcast communication from being leaked or falsified by the administrator of the information relay device, and to allow only members who really need to share the information to share the broadcast contents.
  • the object is to provide a team composed of members who share information with each other by notifying a predetermined request destination of information for identifying and authenticating the instructor who issues a change instruction. And a digital signature of a master having the authority to manage the information, and obtain a team data list prepared according to the authority of the members belonging to the team from the request destination.
  • the list creator confirmation section that checks whether or not a master with authority has created the team data list based on the contents of the metadata list, and the creation of a master with the authority.
  • a list change unit for making a change to the confirmed team data list in accordance with the change instruction; a digital signature of the instructor; and a team data changed by the list change unit. Attach the digital signature to the list is reached by a device that Chi Mudetarisu Bok management apparatus and a digital signature unit to send to the request destination.
  • a master list and a team data list such as a membership list stored in a server or the like are acquired in response to a change instruction from a master having a legitimate authority, and the lists obtain the authority. After confirming that the list is properly created by the master, the list is modified and returned to the request destination. From this, it is possible to detect that an unauthorized person, such as a general member other than the master, a server administrator, or a cracker, has manipulated the team data list.
  • FIG. 1 shows a basic configuration of an information sharing system according to the invention of the first embodiment.
  • FIG. 2 is a block diagram showing a configuration example of the encryption / decryption device according to the invention of the first embodiment.
  • FIG. 3 is a diagram illustrating a configuration example of the decoding unit in FIG.
  • FIG. 4 is a diagram showing various lists stored in the WWW server.
  • FIG. 5 is a diagram for explaining the detailed functions of the DBMS in the WWW server as the information management device according to the first embodiment of the present invention.
  • FIG. 6 is a diagram for explaining a registration operation of a public key ID to a group when a common key is shared by the groups.
  • FIG. 7 is a diagram for a case where a common key is shared by a group, for explaining an example of a common key registration operation.
  • FIG. 8 is a diagram for explaining an operation example in a case where a group shares a common key and data is encrypted.
  • FIG. 9 is a diagram for explaining an operation example in the case where data to be shared is separately identified and data is decoded.
  • FIG. 10 is a diagram for describing an example of a decoding operation.
  • FIG. 11 is a block diagram illustrating the operation principle of the information tampering detection device according to an embodiment of the second embodiment.
  • FIG. 12 is a block diagram showing a configuration of an information tampering detection device according to the same embodiment.
  • FIG. 13 is a flowchart for explaining the operation of the reception content confirmation information confirmation unit 103/3 shown in FIG.
  • FIG. 14 is a flowchart for explaining the operation of the transmission content confirmation information creation unit 104/3 shown in FIG.
  • FIG. 15 is a flowchart for explaining the operation of the reception content confirmation information creation unit 202j3 shown in FIG.
  • FIG. 16 is a flowchart for explaining the operation of the transmission content confirmation information confirmation unit 205 shown in FIG.
  • FIG. 17 is a diagram illustrating the operation principle of a conventional information tampering detection device.
  • FIG. 18 is a diagram for explaining the drawbacks of the conventional information tampering detection device.
  • FIG. 19 is a block diagram showing a configuration of an encryption / decryption device according to an embodiment of the inventions of the 3-1 to 3-3 embodiments.
  • FIG. 20 is a diagram showing one utilization form of the inventions of the third to third embodiments.
  • Fig. 21 is a flowchart for explaining the operation related to the encryption.
  • Fig. 22 is a diagram showing the configuration of the information before encryption and the encrypted information.
  • -Fig. 23 is a diagram related to the decryption.
  • FIG. 24 is a flowchart illustrating the operation when adding information to the encrypted information.
  • FIG. 25 is a diagram showing the configuration of encrypted information before and after information is added to the encrypted information.
  • FIG. 26 is a flowchart illustrating the operation when the sharing member 1 adds the sharing member 1C to the team.
  • FIG. 27 is a diagram showing the configuration of the encryption information before and after adding the shared member 1C to the team.
  • Figure 28 is a flowchart describing the operation when removing a shared member from a team.
  • FIG. 29 is a diagram showing the configuration of the encrypted information before and after deleting the shared member ⁇ from the team.
  • FIG. 30 is a diagram illustrating information stored in the information storage device according to the 3-1st embodiment.
  • FIG. 31 shows the information storage device when information is added in the third-second embodiment.
  • FIG. 4 is a diagram showing information stored in the storage device.
  • FIG. 32 is a diagram showing a display example of a schedule after decoding in the third to third embodiments.
  • FIG. 33 is a flowchart illustrating the operation of encryption in the conventional encryption / digital signature scheme.
  • FIG. 34 is a flowchart illustrating a decryption operation in the conventional encryption / digital signature scheme.
  • FIG. 35 is a diagram showing the configuration of information before encryption and the encrypted information according to the encryption method disclosed in Japanese Patent Application Laid-Open No. 8-15664.
  • FIG. 36 is a diagram showing a configuration of information before encryption and encrypted information by the encryption method disclosed in Japanese Patent Application Laid-Open No. 9-71388.
  • FIG. 37 is a block diagram showing a configuration of a system having a team data list management device and a team data overnight list storage device according to the fourth embodiment.
  • FIGS. 38A, 38B, 38C, and 38D are explanatory diagrams showing the structure of the team data list stored in the server on which the team data list storage device is installed in the forty-first embodiment.
  • FIG. 39 is an explanatory diagram showing an example of a team hierarchy in the fourth embodiment.
  • FIG. 40 is an explanatory diagram in which specific values of the team list are written for each team in the team hierarchy shown in FIG.
  • FIG. 41 is an explanatory diagram showing a processing procedure for creating a sub team in the 4-1 embodiment.
  • (A) means a sub-team creation request by member C (sub-team 103 ⁇ is created under team 101, with team mass X as X), and S 116-S 1
  • the meaning of 5 ⁇ is as follows.
  • Data list management device 3 0 ⁇ is related to team 10 1 ⁇
  • (B) means a management request of the team 103 ⁇ by the member X, and S 16 ⁇ 5 to S 19 (5 means the following, respectively.
  • (C) means the designation of W and V as the sub-team creation authority (sub AU ⁇ ) by member X, and the meaning of S 205 to S 21 ⁇ 5 is as follows: It is as follows.
  • FIG. 42 is an explanatory diagram showing a processing procedure of a server-side authority confirmation function performed at the time of a sub-team creation request in the process of FIG.
  • Figure 43 shows the client-side list that is implemented in the process of Figure 41.
  • FIG. 9 is an explanatory diagram showing a processing procedure related to validity verification.
  • FIG. 44 is an explanatory diagram showing a processing procedure when the server confirms the authority of the team data list newly created on the client side in the process of FIG.
  • FIG. 45 is an explanatory diagram showing a processing procedure for changing the team space of the sub team in the fourth embodiment.
  • FIG. 46 is an explanatory diagram showing a processing procedure for changing (deleting) the authority to create a sub-authority in the fourth embodiment.
  • FIG. 47 is an explanatory diagram showing a processing procedure for deleting a subteam in the 4-1 embodiment.
  • (A) means the deletion of the previously created sub team 103 ⁇ of 101 ⁇ by member C, and the meaning of S 81 ⁇ 5 to S 82 ⁇ is as follows.
  • ( ⁇ ) means a request to delete team 103 ⁇ by the authority of member S
  • the meaning of S83 (5 to S84 ⁇ ) is as follows.
  • a ⁇ ⁇ of 101 ⁇ 5 A has designated as subAU
  • the C has created 103 ⁇ 5 (signing AUD5 for 103 ⁇ 5
  • FIG. 48 is an explanatory diagram showing a procedure of a method called a challenge or challenge response used by the server when confirming the authority of a user at the client side.
  • FIG. 49 is an explanatory diagram showing an example of the team hierarchy in the 4-2 embodiment.
  • FIG. 50 is an explanatory diagram showing an example of the team hierarchy in the fourth to third embodiments.
  • Figure 51 shows the configuration of a conventional system that shares information using an access control list.
  • FIG. 1 A first figure.
  • FIG. 52 is a diagram showing the structure of the broadcast communication system according to the fifth embodiment of the present invention.
  • Figure 53 shows an example of a general member list.
  • Figure 54 is an example of a member list composed of multiple lists.
  • FIG. 55 is a diagram showing an embodiment of the member list management device of the present invention.
  • FIG. 56 is an operation flowchart of the list creation unit.
  • FIG. 57 is a diagram showing an embodiment of the cryptographic information creation device of the invention of the fifth embodiment.
  • FIG. 58 is a diagram showing an encryption / decryption process in the broadcast communication system according to the fifth embodiment of the present invention.
  • FIG. 59 is a diagram for explaining a mechanism of multiple-packet transmission and multiple-packet reception in the broadcast communication system according to the fifth embodiment of the present invention.
  • FIG. 60 is a diagram illustrating an embodiment of an encryption information decryption device according to the fifth embodiment of the present invention.
  • FIG. 61 is a diagram showing an embodiment of the information relay device of the invention of the fifth embodiment.
  • FIG. 62 is an example in which the broadcast communication system of the fifth embodiment is applied as a securities news distribution system.
  • FIG. 63 shows an embodiment of the broadcast communication system of the present invention using a mailing list server.
  • FIG. 64 is a diagram illustrating the structure of a conventional broadcast communication system.
  • FIG. 65 is a diagram for explaining the mechanism of the broadcast communication system disclosed in Japanese Patent Laid-Open No. 7-245605.
  • FIG. 66 is a block diagram showing a configuration of a system having a team data list management device and a team data list storage device according to an embodiment of the sixth embodiment.
  • FIG. 67 is the first diagram for explaining the technology underlying the invention of the sixth embodiment, and shows a configuration in which a member list management function and a storage function are divided between a client and a server. It is a block diagram.
  • FIG. 68 is a second diagram for explaining the technology underlying the invention of the sixth embodiment, and is a process when a member included in a member list on a server is changed from a client side.
  • FIG. 9 is an explanatory diagram showing a procedure. 1 2
  • FIG. 69 is an explanatory diagram showing a procedure of a technique called a shake hand or a challenge response used by the server when confirming the authority of the user at the client side.
  • FIG. 70 is an explanatory diagram showing a processing procedure relating to a member change in a case where members are managed by a plurality of administrators in the embodiment.
  • FIG. 71 is a flowchart showing a processing procedure of a list creator confirmation performed on the client side in the embodiment.
  • FIG. 72 is an explanatory diagram showing a processing procedure relating to a change of a sub cell in a case where members are managed by a plurality of administrators in the embodiment.
  • FIG. 73 is an explanatory diagram showing a processing procedure for changing a team cell when the members are managed by a plurality of managers in the embodiment.
  • FIG. 74 is a flowchart showing a processing procedure of authority confirmation performed on the server side when the team cell shown in FIG. 73 is changed in the embodiment.
  • New team list is the old team list
  • FIG. 75 shows a comparison and verification at each step in the same embodiment when performing the authority confirmation shown in Fig. 74 in the same embodiment.
  • FIG. 7 is an explanatory diagram showing a state of a team master list and a member list to be executed.
  • FIG. 76 is a block diagram showing a configuration of a conventional system for sharing information using an access control list.
  • FIG. 77 is an explanatory diagram showing a processing procedure performed between client servers in order to share information only with members belonging to a specific group.
  • the invention of the first embodiment relates to an information sharing system for preventing information from being viewed or falsified, an information processing method thereof, and a recording medium for the purpose of information sharing among a plurality of users. is there.
  • the technology described below is conventionally known.
  • various types of digital information have been used on computer networks.
  • the present invention has been made in view of the above circumstances, and has as its object to inspect and alter the content of information by an administrator of a database, a server, a file system, or the like that stores encrypted information. It is an object of the present invention to provide an information sharing system, an information processing method thereof, and a recording medium that can prevent the occurrence of a problem.
  • a shared key cryptosystem and a public key cryptosystem are used in combination in order to keep information shared by a plurality of users secret.
  • the input information is encrypted using a common key in a shared key cryptosystem.
  • an information sharing system on a network is realized.
  • At least an information storage device that can be accessed by a plurality of members has at least a digital signature of the team master, a list of members including members and public key information, and a common key including encryption key information. List and encrypted data are stored. 15
  • a member belonging to a group is additionally registered, a member list is obtained from the information storage device, and it is determined whether the digital signature of the team master of the obtained member list matches the designated digital signature. You. Only when there is a match, a new member list including at least the digital signature of the team master and member-public key information is created, and the created member list is transferred to the information storage device and stored. .
  • a member list is obtained from the information storage device, and the digital signature of the team master of the obtained member list matches the designated digital signature. It is determined whether or not to do so.
  • the common key to be registered is encrypted using the specified public key, and the encrypted common key is transferred to the information storage device and stored.
  • data is encrypted using the common key, at least encryption key information is obtained from the common key list of the information storage device, and the common key is decrypted from the encryption key information.
  • the input information is encrypted with the decrypted common key based on the common key encryption method to generate encrypted data, and the encrypted data is transferred to the information storage device and stored.
  • decrypting data desired encryption key information and encryption data are obtained from the information storage device, and the common key is decrypted from the encryption key information.
  • the member list is changed according to the request by the group management means.
  • the common key management unit When there is a request for registration of a common key, the common key management unit registers the requested common key including its encryption key information. When there is a request to acquire a common key, the common key management unit selects the optimal common key for information sharing in a specific group and transfers it to the request destination.
  • the encrypted data is stored by the encrypted data management unit together with the common key information used for encrypting the data.
  • the encrypted data management unit transfers the stored encrypted data and the common key information to the request destination.
  • FIG. 1 is a basic configuration diagram of an information sharing system according to the present invention
  • FIG. 2 is a block diagram illustrating a configuration example of an encryption / decryption device according to the present invention.
  • Information sharing system according to the present embodiment (first embodiment), as shown in FIG. 1, the first terminal equipment 1 and the encryption decryption shown in FIG. 2 apparatus 1 0 alpha is incorporated WWW server as an information storage device for storing a list of members generated by the encryption / decryption device 10 ⁇ , a common key list, encrypted data, etc. ⁇ is connected by a network (for example, the Internet) 4 ⁇ .
  • a network for example, the Internet
  • the list management unit is composed of the digital signature confirmation unit 17 ⁇ , the public key management unit 18 ⁇ , and the digital signature addition unit 19a as main elements.
  • the encryption unit 11 ⁇ uses a common key dk for encrypting information or a common key ck ⁇ read from the WWW server 3 ⁇ , and uses, for example, a shared key code method (for example, DES) to input the input information ⁇ .
  • the encrypted data M′ ⁇ is generated by encrypting the data, and the generated encrypted data ⁇ ′ ⁇ is output to the transfer unit 16 ⁇ .
  • the encryption unit 11 ⁇ is used when a group shares a common key, and when encrypting data, a request for a member list of a specific group, specifically, a group ID or a user public key ID is used.
  • a request for a member list including the request is made to the WWW server 3 ⁇ . This request is transferred via the transfer unit 16a.
  • the common key generation unit 12 is composed of, for example, a random number generation circuit, etc., generates a common key dk for encrypting information, and outputs it to the encryption unit 11 ⁇ and the encryption key generation unit 14 ⁇ . I do.
  • the common key dka is generated, for example, as 64 bit data.
  • the storage unit 13 is composed of, for example, a hard disk, in which unique public keys PK 1 ⁇ , ⁇ ⁇ 2 ⁇ ,..., ⁇ ⁇ ⁇ ⁇ of each of a plurality of n users sharing this system are recorded in advance. It is accessed by the encryption key generator 14 ⁇ and the public key manager 18.
  • the encryption key generation unit 14 uses the public key dk ⁇ (or the common key ck ⁇ ) used for encryption by using the public key of the user recorded in the storage unit 13 ′′. 18. For example, one or a plurality of encryption keys ⁇ ⁇ , ⁇ , ⁇ ⁇ 2 ⁇ ,..., ⁇ ⁇ ⁇ are encrypted based on a public key cryptosystem (for example, RSA), and the generated encryption key is generated. EK 1, ⁇ ⁇ 2 ⁇ , ..., ⁇ ⁇ are output to the transfer unit 16 ⁇ . Also, the encryption key generation unit 14 ⁇ transmits a member list request of a specific group to a WWW server when a member belonging to a specific group wants to share information and registers a common key used by the member.
  • a public key cryptosystem for example, RSA
  • the transfer of this request is performed via the transfer unit 16 ⁇ .
  • the additional information generation unit 15 generates, for example, a message digest kmd of the common key dk ⁇ using a hash function or the like, and outputs it to the transfer unit 16 ⁇ as the additional information ajf.
  • any one of ID, user password, certificate, e-mail address, public key, and order information for identifying the encryption key that can be decrypted with the user's private key may be information combining multiple items.
  • the transfer unit 1 6 alpha, input information Micromax Hino encrypted encryption key ⁇ 1 ⁇ 1 or multiple generated in association with, ⁇ 2 ⁇ , ..., ⁇ ⁇ ⁇ ⁇ , encrypted data Micromax 'shed, And the additional information ajf ⁇ is transferred to the WWW server 3 ⁇ as an information storage device via the network 4 ⁇ .
  • the transfer process is not performed when registering the common key.
  • the digital signature confirmation unit 17 receives the public key member list GL ⁇ belonging to a specific group stored on the WWW server 3 via the network 4 ⁇ and obtains the digital signature of the team master. Confirm and, if the confirmation is positive, add the public key of the user joining the new group.
  • 19 public key PK of the is output from the storage unit 1 3 alpha to the public key management unit 1 8 alpha, to remove the appropriate members one to members listed in Menpari scan Bok received when there is a member one you defections
  • the public key ⁇ corresponding to the public key ID list is output from the storage unit 13 ⁇ to the encryption key generation unit 14 ⁇ .
  • the public key management unit 18 ⁇ receives the designated public key ⁇ ⁇ output from the storage unit 13 ⁇ when adding the public key of a user who newly joins the group, and receives a new member list. Is created, the public key number ( ⁇ ⁇ ) and the member's public key are set in the list, and a group ID is added to the new member list and output to the digital signature adding section 19 ⁇ . Further, for example, when a member list request of a specific group is generated, the request is made to the WWW server 3 ⁇ .
  • the digital signature adding unit 19 adds a digital signature of the team master to the new list created by the public key management unit 18 ⁇ , and sends it to the WWW server 3 as an information storage device via the network 4 ⁇ . Transfer to ⁇ to register.
  • the decryption unit 20 ⁇ When a specific group shares a common key, the decryption unit 20 ⁇ generates a desired common key number ( ⁇ ⁇ ) from the common key list CKL ⁇ registered in the WWW server 3a. ), Obtains the encryption key, decrypts the encryption key with the user's secret key ⁇ V k using public key cryptography (for example, RS ⁇ ), obtains the common key, and sends it to Output.
  • public key cryptography for example, RS ⁇
  • the data ID and public key number (No) are transferred to the WWW server 3 and encrypted. 20 Obtain the key and data, decrypt the common key using public key cryptography, and decrypt the data using common key cryptography.
  • the decryption unit 2 O c is composed of an encryption key decryption unit 21 and an information decryption unit 22 ⁇ .
  • the decryption unit 20 ⁇ identifies, for example, algorithms of a shared key encryption method and a public key encryption method stored in the WWW server 3a in addition to a plurality of encryption keys, additional information, and encrypted data.
  • the algorithm identification information desrsa for example, encrypted with DES and RSA
  • other information info for example, the initialization random number used for DES
  • the r server 3 ⁇ has a database management system (DBMS) 31 ⁇ and an authority confirmation unit 32 ⁇ having an authority confirmation function.
  • DBMS database management system
  • list CKL alpha common only be sampled GCKL alpha of group encryption Detari be sampled EDL alpha, and de one data common key list DCKL alpha recorded in a predetermined storage unit stores.
  • the DBMS 31a has three pieces of information, a member list management section 311 ⁇ , a common key management section 312, and an encrypted data management section 313. It has a management storage function. These functions use the authority confirmation function to confirm whether each change, registration, or data storage request satisfies the authority. 21
  • the member list management unit 311 ⁇ receives the member list change request from the client side, accesses the member list GL ⁇ , responds to the member list change request, and is returned. Change the member list GL ⁇ according to the requirements of the team master. Also, the member list management unit 311 has a function to add / delete the entire group.
  • the common key management unit 3 1 2 alpha, when the common key register, access the common key list GCKL a common key list CKL a and groups, to register the common keys.
  • the common key management unit 312 responds to the request for a common key that is optimal for information sharing in a specific group at that time. ), Select the latest common key) and transfer it to the client. If, for example, an encryption key and group ID information related to the common key to be registered are received, they are sorted and stored in each list. At that time, a common key ID is generated.
  • the member list management unit 311a checks the authority and refers to the group ID to obtain the public key numbers (No) and the public keys of the members belonging to the specific group. get.
  • the common key management unit 3 1 2 refers to the group ID from the group common key list GCKLa and searches for all common key numbers (No) used in the specific group.
  • the common key list CKL ⁇ than, the common key number ( ⁇ 22. Obtain all the encryption keys that match o) and the public key number (No) of the team master and transfer them to the client.
  • the member list management unit 311 and the common key management unit 312 2 ⁇ send the returned encryption key, member list, and public key as a result of processing such as change and encryption on the client side.
  • the member list GL ⁇ , common key list CKL ⁇ , and group common key list GCKL are changed.
  • the member list management unit 311 ⁇ and the common key management unit 312 ⁇ cooperate to perform the following processing.
  • the member list management unit 311 ⁇ updates the member list.
  • the new member list is compared with the member list before the update, the public key number (No) of the deleted member is calculated, the group ID and the public key number of the deleted member (No) are determined. No) is passed to the common key management unit 3 1 2 ⁇ .
  • the common key management unit 3 1 2 ⁇ searches for the common key number (No) used in the specific group by referring to the group ID from the group common key list GCKL. G. From CKL ⁇ , delete all encryption keys that match each common key number (No) and the deleted member's public key number (No). In DBMS 31 ⁇ , if the addition and deletion of one member are performed at the same time, 23. In this case, the above methods are combined and executed.
  • the encrypted data storage unit 3 1 3 ⁇ cooperates with the common key management unit 3 1 2 ⁇ , and the group common key list GCKL ⁇ , common key list CKL a, data common key list DCKL a Then, the encrypted data list EDLa is accessed, the member list is transmitted and the encrypted data is received according to the client's request, and the data ID is generated. When a decryption request is received, it refers to the data ID and public key number (No) and returns encrypted data and an encryption key by referring to three lists. Next, the operation of the above configuration will be described.
  • a client requests a member list of a specific group to the WWW server 3a, for example, from the public key management unit 18a ( S61a).
  • a list of public key IDs belonging to a specific group is encrypted from the WWW server 3a via the network 4 on the client side. 24. Transferred to the decryption device 10 (S6 2 c c
  • the member list which is the public key list, is input to the digital signature confirmation unit 17, where the digital signature of the team master is confirmed (S 63 a). ).
  • the public key PK is output from the storage unit 13a to the public key management unit 18a, and the member who withdraws from the group.
  • the public key of the member is deleted from the members listed in the received member list (S64a).
  • the public key management unit 18a creates a new member list (S65h), a public key number (No), and a member number.
  • the public key and group ID are set in the list and output to the digital signature adding section 19a.
  • the digital signature of the team master is added to the new member list by the public key managing section 18a (S6 ⁇ ⁇ ).
  • a request for updating the member list is made from the digital signature adding section 19a to the WWW server 3a, and the member list management section 311 1 in the WWW server 3a requests the member list.
  • the update of the store GLa is performed (S67a) ⁇ If the digital signature verification is negative in step S63a, the team master updates or deletes the member list, etc. And so on, the processing after step S64a is not performed. twenty five -
  • the authority such as access is confirmed, and a request for a list of members of a specific group is sent from the client side (terminal side) to the WWW server 3 ⁇ , for example, from the encryption key generation section 14 ⁇ . divided by (S 7 1 ⁇ ).
  • a public key ID list belonging to a specific group is transferred from the WWW server 3 ⁇ to the client-side encryption / decryption device 10 ⁇ via the network 4 ⁇ (S7). 2 ct).
  • the member list which is the public key list
  • the digital signature confirmation unit 17 ⁇ where the digital signature of the team master is confirmed (S 7). 3a). If the confirmation is affirmative, the public key PK corresponding to the public key ID list is output from the storage unit 13 to the encryption key generation unit 14.
  • the common key S key 1 ⁇ generated by the common key generation unit 12 ⁇ is encrypted using a given public key, for example, based on a public key cryptosystem.
  • a given public key for example, based on a public key cryptosystem.
  • one or more encryption keys ⁇ ⁇ ⁇ are generated by adding a common key list data including a public key number and a member-one public key, and output to the transfer unit 16 ⁇ . (S74).
  • the common key list data including the encryption key to which the common key list data including the public key number and the member-one public key is added by the transfer unit 16 is transmitted to the WWW server 3 via the network 4 ⁇ .
  • shared key management unit 3 1 2 ⁇ 26 to be stored in the specified place as shown in Fig. 7 (S75a) c
  • the information transferred from the transfer site 16 may include the additional information generated by the additional information generation unit 15 in some cases. If the digital signature check is negative in step S73, the team master is deemed to have no authority to register the common key, and the processing from step S74 ⁇ is performed. Absent. Next, a case where a group shares a common key and data is encrypted will be described with reference to FIG.
  • the authority such as access is confirmed, and the client (terminal) requests the member list of a specific group, specifically the group ID and user public key ID (for example, the number “IC: FF”).
  • the request is made to the WWW server 3 ⁇ from, for example, the encryption unit 11 ⁇ (S81).
  • a common key belonging to a specific group for example, “1 2 2”
  • an encryption key (“ ⁇ Xc ⁇ ”) are transmitted from the WWW server 3 via the network 4 ⁇ . Is transferred to the client-side encryption / decryption device 10 ⁇ (S82 ⁇ ).
  • the decryption unit 20 ⁇ acquires the common key number (122) and the encryption key (zxcv), and uses the public key cryptosystem to secure the user's secret.
  • the encryption key is decrypted with the key ⁇ V k ⁇ to obtain the common key S key 2 ⁇ , which is output to the encryption unit 11 ⁇ (S83a, S84a).
  • Input information M Higa shared key encryption method (e.g., DES) is encrypted using a common key S key 2 alpha on the basis of the common key number (1 2 2) encrypted data is added
  • Micromax 'alpha (For example, “; ijjjjjjjjjjjjJ) is generated and output to the transfer unit 16 (S85 ⁇ ).
  • the encrypted data M ′ a (for example, rjjjjjjjjjjjjjjj) to which the common key number (122) has been added by the transfer unit 16 ⁇ is transferred to the WWW server 3 ⁇ via the network 4 ⁇ , and the encrypted data It is stored in a predetermined place by the management unit 313 ⁇ as shown in Fig. 8 (S86a).
  • the case where the user who wants to share is specified separately and the data is encrypted will be described with reference to FIG.
  • the input information ( "Hello") is input to the encryption unit 1 1 alpha of the encryption device 1 0 alpha.
  • the common key generation unit 12 generates a common key S key 1 a (S 9 1 ⁇ ), and the common key S key 1 ⁇ is used as the encryption unit 12 a and the encryption key generation unit 14. (S 9 2 a, S 9 3 a) 0
  • the encryption unit 11 a encrypts the input information Ma using the common key S key 1 a based on the shared key code system DES.
  • the encrypted data M ′ a (for example, “: jjjjjjjjjjjjjj”) to which the common key number (for example, “1 2 4”) is added is generated and output to the transfer unit 16a.
  • the public key PKa based on the public key cryptosystem (for example, RSA) of the users A, B, and C is read from the storage unit 13a.
  • the encryption key generation unit 14 uses these public keys to encrypt the common key S key 1 a based on the public key code method. 28.
  • the encryption key (olkj, ⁇ iwi, Xknm) is obtained, and the public key number (“1 1:
  • the encrypted data ⁇ ′ ⁇ (for example, “; jjjjjjjjjjjjjjjj”) to which the common key number (for example, “1 2 4”) is added by the transfer unit 16 ⁇ , and the encryption key (o 1 kj, O iwi, X knm) and data including public key numbers (“11: AA”, “1C: FF”, “E5: 4B”) are transmitted to the WWW server via network 4 ⁇ .
  • the decoding unit 2 0 alpha from the data ID for example, "4 4 4 4"
  • a public key ID is transmitted to the WWW server 3 a (S 1 0 1 ⁇ ).
  • the WWW server 3 ⁇ uses the received data ID and a common key number (eg, “1 2 2 J”) to generate the encrypted data (eg, “; jjjjjjjjjjjj” and the corresponding encryption key (z X c V ) Is read out from a predetermined storage location by the encrypted data management unit 313 ⁇ , and transferred to the client via the network 4ct (S102h).
  • a common key using the private key corresponding to the public key ID is decoded as S key 2 ⁇ (S 1 0 3 flight).
  • the common key S key 2 alpha using, de on the basis of the common key encryption method - data is decoded as "Hello" (S 1 0 4 a).
  • each list is read so that the new member can read the information shared by the group before the registration. 29, and when removing a member from a particular group, modifying each list to prevent the deleted member from reading information shared by the group since the removal.
  • the operation of the WWW server 3 ⁇ will be described. First, a case will be described in which, when a new member is registered in a specific group, each list is changed so that the new member can read information shared by the group before the registration.
  • the authority is confirmed by the member list management unit 311a, and the member ID belonging to the specific group (for example, team B) is referred to by referring to the group ID.
  • Public key number (No) and public key are obtained from member list GLa.
  • the group ID is referred to from the group common key list GCK La, and the common key number (for example, 5 2 , 1 1 1 and 1 2 3) are all searched.
  • each common key number for example, 52, 111, 123 and the public key number of the team master (for example, 1) are obtained from the common key list CKLa. 1: All encryption keys that match AA) (eg, qwer, peha, gobp) are obtained and transferred to the team master's client.
  • AA eg, qwer, peha, gobp
  • a common key obtained by decrypting the member list and all the encryption keys for example, S keylOO, S key 105, S key 80 ⁇
  • those common keys are newly registered.
  • the member's public key eg, xhen, mxco, henc
  • these encryption keys a list of members, a public key number (for example, L2: CA) and a common key ID (for example, 52, 111, 123) are transmitted to the WWW server 3 ⁇ .
  • the member list management unit 311 ⁇ and the common key management unit 312 ⁇ the returned encryption key and member list as a result of processing such as change and encryption on the client side, and disclosure Receiving the key number (No) and the common key ID, the member list GL, common key list CKL ⁇ , and group common key list GCKL a are changed.
  • the newly added member can obtain the past shared information because the public key is included in the common key list.
  • the member list management unit 311 of the WWW server 3 ⁇ updates the member list.
  • the new member list is compared with the member list before the update, and the public key number (No) of the deleted member is determined.
  • the group ID and the public key number (No) of the deleted member are passed to the common key management unit 312 ⁇ .
  • the common key management unit 312 2 ⁇ refers to the group ID from the group common key list G CKLa and uses the common key number (for example, 3 8 , 444, 1 3 3) are all searched. 31 ⁇ Next, in the common key management unit 312, from the common key list CKLa, each common key number (for example, 38, 44, 13) and the public key number of the deleted member (For example, LL: BB) All the encryption keys that match are deleted. In addition, in the WWW server 3, more specifically, in the DBMS 31, when the addition and deletion of members are performed at the same time, the above methods are combined and executed.
  • At least a plurality of media can be accessed, at least a digital signature of the team master, a member list including member public key information, and a common key including encryption key information.
  • List and encrypted data are stored on three WWW servers, a storage unit that stores the public key of at least one member who can see the information, and a storage unit that encrypts the information.
  • An encryption unit 11 ⁇ that encrypts input information based on the common key encryption method using a common key to generate encrypted data and a common key used for encryption are stored in a storage unit and designated.
  • An encryption key generation unit 14 ⁇ that encrypts with the obtained public key and generates an encryption key
  • a transfer unit 16 ⁇ that transfers and stores multiple encryption keys and encrypted data to the WWW server 3 ⁇ .
  • Members from WWW server 3 ⁇ To determine whether the digital signature of the relevant team member's team master matches the specified digital signature, and if so, add the member's public key or publish the member to leave The key is deleted from the above storage unit, and in the case of additional registration or deletion, a new member list including at least the team master's digital signature and member's public key information is created! :
  • the list management units 17 ⁇ , 18 and 19 ⁇ to be transferred to the above information storage device and stored, and the desired encryption key information and encrypted data are obtained from the WWW server 3 ⁇ , and this encryption is performed.
  • the WWW server 3 ⁇ as the information storage device accesses the member list GL and responds to the member change request.
  • the member list management unit 311 1 ⁇ that can change the member list GL ⁇ in response to the request from the returned team master, and the shared key request from the client.
  • the common key management unit 312 ⁇ that selects the optimal common key for sharing and transfers it to the client, the group's common key list GCKL a, the common key list CKL, the data common key list DCKL, and encryption Aaccessed the encrypted data list EDLa, sent a member list and received encrypted data according to the client's request, generated a data ID, and received a decryption request.
  • an encrypted data storage unit 313 is provided that refers to the data ID and public key number (No) and returns encrypted data and the encryption key by referring to the three lists.
  • there is no risk that the data of users who are shared using databases that store encrypted data or information storage devices such as servers and file systems can be seen or tampered with.
  • the programs for changing, registering, storing, etc., are stored in a storage medium readable by the first and second terminal devices (computers) 1 ⁇ and 2 ⁇ , for example, a floppy disk provided in the encryption device 10 ⁇ or a server. It is recorded on a peak disk, hard disk, optical disk, semiconductor storage device, etc., and is read and executed by the terminal device.
  • a transmission / reception notifying unit may be further provided for sending a transmission notification notifying the receiving side of the fact and a receiving notification notifying the transmitting side that the receiving side has reliably received the information.
  • the receiver can use the transmission / reception notification unit to reliably send the information to the sender or the information communication device or information storage device to which the information was relayed at the time of reception (after tampering confirmation and decryption). It can send a reception notification to confirm that it has been received.
  • the information included in these notifications includes the content (or part of) the information transferred from the sender, an overview, information identifying the sender, information identifying the recipient, information acquisition and storage location. (e.g. URL address, directory, etc.), the c Specifically, etc. information acquisition date, the information storage device, encrypting the data management unit of FIG. 5 (3 1 3 alpha) 34. Add the function of the transmission / reception notification unit.
  • the encryption / decryption device creates a transmission notification or a reception notification by using information included in the above-described notification used for encryption or obtained at the time of decryption, and performs communication.
  • communication means an external communication function such as a mail protocol connected to the terminal or an HTTP protocol provided in a browser can be used instead.
  • the sender and receiver can confirm that the communication has been performed securely in order to increase the security of communication. This is because it is desirable.
  • the sender uses the transmission / reception notifier to notify the receiver or the information relay device or the information storage device that the information was relayed at the time of transmission (at the time of encryption) to the effect that the information was certainly transmitted.
  • a transmission notification can be sent.
  • the security can be further improved by transferring the notification using another protocol such as SMTP, and confirming the existence of the communication on both the sending and receiving sides.
  • SMTP another protocol
  • a shared key can be shared by a group, and a database for storing encrypted data, a file system administrator, and a file system administrator can receive information. There is no possibility of seeing the contents.
  • the invention of the second embodiment relates to, for example, an information tampering detection device used for detecting tampering of information in network transmission and a computer-readable recording medium recording a tampering detection program.
  • information tampering detection technology a technology for detecting information tampering (hereinafter referred to as information tampering detection technology)
  • a digital signature technology has been put to practical use by an information tampering detection device.
  • Examples of common digital signature technologies include a Digital Signature Algorithm or a combination of a public key cryptosystem (eg, RSA) and a hash function (eg, MD 2).
  • FIG. 17 is a diagram illustrating the operation principle of the above-described conventional information tampering detection device.
  • the information tampering detection device shown in Fig. 17 is a transmitting terminal installed on the sender side.
  • step SA1 the transmitting terminal 1] 3 encrypts the plaintext 2 to be transmitted to the receiving terminal 6. Specifically, the transmitting terminal l j3 creates a ciphertext 3 from the plaintext 2 ⁇ using the public key of the receiver (receiving terminal 6] 3). Then, in step S A 2
  • the transmitting terminal 1] 3 compresses the plaintext 23 using a hash function to create an MD j3 (message digest) 4a
  • a hash function is a function that is computationally infeasible to find any two different inputs that have the same output value, and as a part of mechanisms such as digital signatures From long messages to relatively short, for use 36.
  • step S A 3 3
  • the authenticator 5 is a digital signature given to the plaintext 2/3 that is the basis of the ciphertext 3] 3.
  • the digital signature is obtained through a first process of creating a message digest and a second process of encrypting the message digest with a secret key.
  • the digital signature may be obtained through a process of encrypting information that has not been message digested or a combination of the message digest and the information with a private key in addition to the above process. Including. Then, the transmitting terminal 1 transmits the ciphertext 3/3 and the authenticator 5j3 to the receiving terminal 6/3 via the network. Thus, after receiving the ciphertext 3/3 and the authenticator 5, the receiving terminal 613 first uses the secret key of the receiver (receiving terminal 63) in step SA4j3 to encrypt the ciphertext 3; 3. Is decrypted to create plaintext 20.
  • step S A50 receiving terminal 6 creates MD ⁇ 4 b ⁇ by compressing the decrypted plain text 2 ⁇ using a dash function.
  • step SA 6 j3 the receiving terminal 63 decrypts the received authenticator 5 by using the public key of the sender (transmitting terminal 1 ⁇ ) to generate ⁇ D ⁇ 4c ⁇ . I do.
  • step SA7 the receiving terminal 6 ⁇ receives MD j3 4 b ⁇ 3 and MD 37.
  • the conventional information tampering detection device does not have the right to decrypt the received ciphertext 3 ⁇ as shown in Fig. 18; in other words, the receiving terminal 6 ⁇ that does not have the receiver's private key does not
  • the plaintext 2 ⁇ 3 and, consequently, the MD ⁇ 4b ⁇ cannot be created
  • the transfer information cannot be verified for tampering. Therefore, in the conventional information tampering detection device, when the receiving terminal 6] 3 shown in FIG. 18 transfers the transfer information to another terminal (not shown), the terminal, for example, encrypts the ciphertext 3/3. Even if they have the right to do so, they cannot detect when and where tampering has taken place.
  • the transmitting terminal 1/3 that transfers the transfer information first transfers a digital signature that is not the authenticator 53 (digital signature) created from the original plaintext 2] 3. Even in this case, the terminal cannot detect tampering.
  • a conventional information tampering detection device when tampering is performed on important transfer information, it is important to specify the terminal (location) and time at which the tampering was performed. 38. They cannot detect or identify them.
  • the present invention has been made under such a background. An information tampering detection device and a tampering detection program which can detect tampering of information even in a terminal which does not have a right to decrypt received information are provided.
  • FIG. 11 is a diagram for explaining the operation principle of the information tampering detection device according to one embodiment (second embodiment) of the present invention.
  • the information tampering detection device shown in this figure is composed of a terminal 100 installed on the sender side and a terminal 2 connected to the terminal 100] 3 via a network ⁇ ⁇ such as the Internet. 0 0 ⁇ .
  • step SB 1) terminal 100 (3 compresses transfer information 1 1] 3 using a hash function, and transfers information MD / 3 (message digest) 1 2 a 3
  • the transfer information MD / 3 1 2 a 3 is used for verifying whether or not the transfer contents of the sender and the reception contents of the receiver are different, as will be described later.
  • 3 transmits (transfers) the transfer information 11 ⁇ to the terminal 200 0
  • step SB 3 i3 the terminal 200 j3 encrypts the transfer information MD 1 2 b) 3 using the secret key of the receiver (terminal 200 ⁇ ), and ] 3 is generated.
  • the received content confirmation information 1 3] 3 is obtained by digitally signing the transfer information M ⁇ ⁇ 12 b ⁇ by the receiver (terminal 200/3). 0 0] 3) is information proving that the transfer contents (transfer information 11 ⁇ ) have been received.
  • the digital signature has been made through two processes: message digesting and encryption.
  • the digital signature includes a case in which, in addition to the above process, information that is not converted to a message digest, or a combination of the message digest and the information is encrypted with a secret key.
  • a digital signature is a piece of information, whether or not compressed, encrypted with a private key.
  • the terminal 200) transmits the received content confirmation information 13 iS to the terminal 100 3 via the network N ⁇ .
  • the terminal 100) 3 confirms the received content with the public key of the recipient (terminal 200) 3 in step SB 4/3
  • the information 13 is decrypted to create the transfer information MD ⁇ 12c ⁇ .
  • step S ⁇ 5 in the case of 3, terminal 100) 3 compares transfer information MD] 3 1 2 c] 3 with transfer information MD ⁇ 1 2 a ⁇ to determine whether tampering has been performed. Verify whether or not.
  • the terminal 100/3 receives the verification result as unaltered. If the transfer information MD ⁇ 1 2a ⁇ is different from the transfer information MD012c / 3, 40 The result is tampering.
  • the terminal 1 0 0] 3 encrypts the received content confirmation information 1 3] 3 using the secret key of the sender (terminal 1 0
  • the transmission content confirmation information 14 J3 is obtained by digitally signing the reception content confirmation information 13 by the sender (terminal 100] 3), and the sender (terminal 100 0) 3 ), Information for certifying that the receiver (terminal 200 j3) has transmitted the received transfer contents (transfer information 1 1] 3).
  • the transmission content confirmation information 14/3 is information for certifying that the receiver (terminal 200 ⁇ ) may retain the transfer content (transfer information 11i3).
  • FIG. 12 is a block diagram showing a specific configuration of the information tampering detection device according to one embodiment of the present invention. In this figure, parts corresponding to the respective parts in FIG. 11 are denoted by the same reference numerals. In the terminal 100/3 shown in FIG.
  • 101/3 is an information transmitting unit that transmits the transfer information 11J3 to the terminal 200 via the network N
  • 102 3 is an information receiving unit that receives the received content confirmation information 13/3 (see FIG. 11) transmitted from the terminal 200j3 via the network N3.
  • [10 3] 3 is a reception content confirmation information confirmation unit that executes the processing of steps SB l j3, SB 40 and SB 53 shown in FIG. / 3, sender, communication, and receiver information acquisition unit 103b and digital signature confirmation unit 103CJ3 .
  • the message digest creation section 103a) 3 executes the processing of the SB1 ⁇ in FIG. 41 Create transfer information MD] 3 1 2a / 3 by compressing with a hash function.
  • the sender / communication / recipient information acquisition unit 103 b) 3 acquires the sender information, communication information, and recipient information from the transfer information 1 1] 3 and the received content confirmation information 1 3; 3.
  • the sender information is information on the sender (terminal 100), and includes “sender name”, “ID”, “public key ID”, “mail address”, and a highly reliable third party.
  • the communication information is information on communication between the terminal 100
  • Recipient information is information about the recipient (terminal 2000) 3, and includes “recipient name”, “ID”, “public key ID”, “mail address”, and highly reliable third party. This is information such as an “electronic certificate” issued by the institution.
  • the digital signature confirming unit 103 c] 3 shown in FIG. 12 confirms whether the digital signature of the received content confirmation information 13 ⁇ (see FIG. 11) is from the recipient (terminal 200] 3).
  • 104/3 is a transmission content confirmation information creation unit that executes processing such as step S ⁇ 63 shown in FIG. 11, and a message digest creation unit 104 a) 3, sender, communication, receiver It has an information acquisition unit 104b] 3 and a message digest creation unit 104a] 3.
  • 3 creates transmission content confirmation information 14 ⁇ based on the reception content confirmation information 13 ⁇ .
  • the message digest creation unit 104a creates a message digest from the reception content confirmation information 13/3.
  • Sender, communication, and receiver information acquisition unit 103b] In the same manner as [3], acquire sender information, communication information, and receiver information from reception content confirmation information 13/3.
  • the digital signature adding unit 104c3 encrypts the received content confirmation information 13
  • 105/3 is an information transmitting unit that transmits the transmission content confirmation information 14 ⁇ to the terminal 200 via the network [3].
  • 201 i3 is an information receiving unit that receives transfer information 1 1] 3 transmitted from terminal 100
  • Reference numeral 202 denotes a reception content confirmation information creation unit that executes the processing of steps SB 2/3 and SB 3 jS shown in FIG. 11, and a message digest creation unit 202 a
  • the reception content confirmation information creation unit 202 ⁇ creates reception content confirmation information 1 3] 3 based on the transfer information 1 1) 3.
  • the message digest creating section 202a] 3 compresses the transfer information 11 ⁇ with a hash function to obtain the transfer information MD ⁇ 1 2b ⁇ (See Figure 11).
  • Sender ⁇ Communication-Recipient information acquisition unit 2 0 2 b 13 is the same as Sender ⁇ Communication ⁇ Recipient information acquisition unit 1 0 3 b / 3 described above.
  • 3 Obtain communication information and recipient information.
  • the digital signature adding unit 202c] 3 encrypts the transfer information MD ⁇ 12b ⁇ (see FIG. 11) using the secret key of the receiver (terminal 200 ⁇ ), thereby obtaining the transfer information MD ⁇ . Add a digital signature to ⁇ 1 2b ⁇ .
  • the transfer information MD / 3 12 b to which the digital signature is added is the received content confirmation information 13 ⁇ . 43
  • reference numeral 205/3 is a transmission content confirmation information confirmation unit for confirming the content of the transmission content confirmation information 14 J3 transmitted from the terminal 100/3 based on the transfer information 113. It has a message digest creation / acquisition unit 205a ⁇ , a sender / communication / receiver information acquisition unit 205b0, and a digital signature confirmation unit 205c3.
  • 3 includes the function of creating the message digest described above and the reception content confirmation information creation section 202 23 It has a function of acquiring the transfer information MD ⁇ 1 2b ⁇ (see FIG. 11) already created by the message digest creation unit 202 aj3 of FIG.
  • 3 does not create a message digest.
  • the sender ⁇ communication ⁇ receiver information acquisition unit 205 b / 3 is the same as the sender ⁇ communication ⁇ receiver information acquisition unit 103 b
  • the digital signature confirmation unit 205c3 uses the public key of the sender (terminal 1003) to confirm the digital signature for the received content confirmation information 13/3.
  • FIG. 13 is a flowchart for explaining the operation of the reception content confirmation information confirmation unit 103 i3 shown in FIG. 12.
  • FIG. 14 is a transmission content confirmation information creation unit 104 shown in FIG. 6 is a flowchart for explaining the operation of FIG.
  • FIG. 15 is a flowchart illustrating the operation of the reception content confirmation information creation unit 202] 3 shown in FIG. 12, and
  • FIG. 16 is a transmission content confirmation information confirmation unit shown in FIG. 5 is a flowchart for explaining the operation of 205/3. 44
  • FIG. 12 when the transfer information 11 1
  • the reception content confirmation information creation section 202/3 of the terminal 200 ⁇ generates the reception content confirmation information 13 ⁇ according to the flowchart shown in FIG. Specifically, in step SE1 ⁇ shown in FIG. 15, the reception content confirmation information creation unit 202iS inputs the reception content (transfer information 1 1/3). Thus, in step SE2 ⁇ , the message digest creation unit 202 ai3 compresses the received contents (transfer information 11] 3) with a hash function and outputs the message digest (FIG. 1). 1: Create transfer information MD J3 12 b ⁇ ). In the example shown in FIG. 15, the process may proceed from step SE1] 3 to step SE6jS without executing the process of step S ⁇ 2] 3.
  • ), Recipient information (recipient name, ID, public key ID, e-mail address, digital certificate, etc.) and communication information (transmission time, reception time, communication method, communication ID, etc.) are imported from transfer information 1 1] 3 .
  • the sender, communication, and receiver information acquisition unit 202b] 3 transmits the sender information, receiver information, and communication input in steps SE3j3 to SE5 / 3.
  • the received content confirmation information creation unit 202 which has acquired the information, sends the received content (transfer information 1 13), the transfer information MD 1 2b) 3, the sender information, the receiver information, the communication information, etc.
  • step SE7i3 the message digest creation unit 202a
  • step SE83 the digital signature adding section 202c encrypts the message digest created in step SE7 with the recipient's private key, thereby providing a digital signature to the message digest. Add a signature.
  • 3 the reception content confirmation information creation unit 202 ⁇ combines the information to create the reception content confirmation information 1 3] 3 shown in FIG. This is output to the information transmission section 203/3.
  • the message digest creation unit 202a / 3 transmits the transfer information MD ⁇ 1 2h ⁇ as necessary in the transmission content confirmation information confirmation unit 205] 3. Output to 0 5 a / 3.
  • the message digest creation / acquisition unit 205a / 3 acquires the transfer information MD ⁇ 12b ⁇ without creating a message digest.
  • the received content confirmation information 13 is transmitted to the terminal 100] 3 via the network N
  • the reception content confirmation information confirming unit 103 of the terminal 1003 detects tampering by confirming the content of the reception content confirmation information 13
  • step SC1 ⁇ shown in Fig. 13 the received content confirmation information confirmation
  • the recognition unit 103/3 proceeds to step SC2j3.
  • 3 the message digest creation unit 103 a] 3 decrypts the received content confirmation information 13 ⁇ using the recipient's public key, thereby obtaining the message digest ( Figure 11: Create (acquire) the transfer information MD ⁇ 12c ⁇ ).
  • 3 the digital signature verifying unit 103 c uses the public key of the receiver (terminal 200 i3) to digitally sign the received content confirmation information 13 i3 by the receiver. Check if it is.
  • the received content confirmation information 13 can be decrypted with the public key of the receiver (terminal 200/3), the received content confirmation information 1 3
  • the received content confirmation information 1 3; 3 cannot be decrypted with the recipient's public key, the received content confirmation information 1 3
  • the reception content confirmation information confirming unit 103 J3 determines the digital signature of the reception content confirmation information 13 ⁇ from the result of the confirmation in step SC3] 3 by the receiver (terminal 200). )), And if the result of the determination is “NO”, it is assumed that tampering or communication error has occurred.
  • step SC 5 ⁇ various information included in the received content confirmation information 13 ⁇ is classified.
  • the various types of information include received information content, the above-described sender information, receiver information, communication information, a message digest (transfer information MD ⁇ 12cj3), and the like. 47
  • the reception content confirmation information confirmation unit 10 3 i3 inputs the information on the sender, the communication information, the recipient information, and the like regarding the communication transferred to the step SC 6 (proceed to step 3 and transfer information 1 1) 3 by the sender. I do.
  • the message digest creation unit 103a of the reception content confirmation information confirmation unit 103] 3 compresses the transfer information 111 with a hash function and transfers the transfer information MD. Create ⁇ 12 a ⁇ (see Fig. 11). Then, the reception content confirmation information confirmation unit 10 3] 3 verifies the reception content for each information by comparing the reception content and the transmission content in steps SC 9 jS to SC 12.
  • step SC13] 3 the reception content confirmation information confirmation unit 1033 receives the verification results in steps SC9] 3 to SC12j3 and determines whether the reception content is different from the transmission content. If the result of the determination is “NO”, it is assumed that tampering or a communication error has occurred. On the other hand, if the received content is not different from the transmitted content, the received content confirmation information checking unit 10 3] 3 sets the determination result of SC 13] 3 to “YES” and determines that no tampering has occurred. I do.
  • the transmission content confirmation information creation unit 104] 3 executes processing for creating transmission content confirmation information 14 (see FIG. 11) according to the flowchart shown in FIG.
  • the transmission content confirmation information creation unit 104] 3 inputs the reception content confirmation information 13 ⁇ in step SD1 ⁇ shown in FIG. 14, and then transmits the reception content confirmation information approval information in step SD2] 3.
  • the reception content confirmation information approval information is information indicating that the reception content confirmation information confirmation unit 103 has approved (confirmed) the content of the reception content confirmation information 1 3] 3.
  • the information indicating this approval (confirmation) includes the time of approval, the terminal, the approver (in one embodiment, the sender). 48. Generated based on information about.
  • step SD3] 3 the transmission content confirmation information creation unit 1043 integrates the reception content confirmation information 13 ⁇ and the reception content confirmation information approval information.
  • step SD4] 3 the message digest creating unit 104a) 3 acquires the message digest of the information integrated in step SD3 ⁇ , and then proceeds to step SD53.
  • 3 the digital signature adding unit 104cJ3 performs a digital signature on the message digest by encrypting it with the secret key of the sender (terminal 100/3).
  • 3 transmission content confirmation information creating section 104/3 integrates the various information in step SD3 and the message digest digitally signed in step S S5 ⁇ .
  • the transmission content confirmation information creation unit 104 ⁇ creates transmission content confirmation information 14 ⁇ , and the transmission content confirmation information 14 4] 3 is output to the information transmission unit 1053 You.
  • the transmission content confirmation information 14) 3 is transmitted to the terminal 200 via the network ⁇ 3 by the information transmission unit 105/3, and then transmitted to the information reception unit of the terminal 200 3. 2 0 4; Accordingly, the transmission content confirmation information confirmation unit 205/3 of the terminal 200/3 confirms the transmission content confirmation information 14 ⁇ according to the flowchart shown in FIG.
  • step SF 13 the transmission content confirmation information confirmation section 205/3 receives the transmission content confirmation information 1 4] 3 received by the information reception section 204. After that, the process proceeds to step SF20.
  • step SF 2/3 49.
  • the message digest creation / acquisition unit 205a decrypts the message content confirmation information 14 ⁇ using the public key of the sender (terminal 100 ⁇ ) to generate the message digest. Create (acquire).
  • step SF3 / 3 the digital signature confirmation unit 205c / 3 uses the public key of the sender (terminal 100/3) to send the transmission content confirmation information 14
  • the transmission content confirmation information 14 ⁇ could be decrypted with the sender's (terminal 100] 3) public key, the transmission content confirmation information 14 4) 3 was digitally signed by the sender.
  • the transmission content confirmation information 1 4] 3 cannot be decrypted with the sender's public key, the transmission content confirmation information 14 is not digitally signed by the sender.
  • the transmission content confirmation information confirming unit 205/3 receives the digital signature of the transmission content confirmation information 14 from the confirmation result of step SF3
  • step SF5 various information included in the transmission content confirmation information 14 ⁇ is classified.
  • the various types of information include the contents of received information, the above-described sender information, receiver information, communication information, a message digest, and the like.
  • the transmission content confirmation information confirmation section 205 proceeds to step SF6] 3, and receives the transfer information 1 1] 3 received, the sender information related to the communication transferred by the sender, 50 Enter communication information, recipient information, etc.
  • a message digest creation and acquisition unit 205a of the transmission content confirmation information confirmation unit 205] 3 (3 is the transfer information 11 1) 3 compressed by a hash function
  • the transfer information MD] 3 1 2b ⁇ (message digest)
  • the message digest creation / acquisition unit 205a / 3 is used for the message digest creation unit 202a] 3
  • the transmission content confirmation information confirmation unit 205/5/3 performs steps SF 9/3 to SF 12 ⁇
  • the transmission content confirmation information confirmation unit 205 ⁇ checks the received content by comparing the transmitted content with the transmitted content in step SF13 / 3.
  • the reception content confirmation information 13 ⁇ the transmission content confirmation information Since tampering detection is performed using 140, even if the terminal does not have the right to decrypt the received information, it is possible to detect tampering of the information.
  • a tampering detection program for realizing the above-described functions is provided.
  • the program may be recorded on a computer-readable recording medium, and the falsification detection program recorded on the recording medium may be read and executed by a computer system to perform the falsification detection of the information.
  • the falsification detection program is recorded in its entirety or in part on a portable medium such as a floppy disk, CD-ROM, or a storage device such as a hard disk.
  • the tampering detection program is read by a computer, and all or part of the operation is executed.
  • the recording medium mentioned here is not limited to a medium in which a falsification detection program is statically recorded, such as a magneto-optical disk, but may also be a falsification detection program through a communication line such as an Internet dedicated line or a telephone line.
  • tampering detection is performed using the reception content confirmation information and the transmission content confirmation information, and thus the right to decrypt the received information is possessed. Even if the terminal does not, it can detect falsification of information.
  • the invention of the third embodiment relates to an encryption device, a decryption device, a method, and a recording medium for encrypting and decrypting information.
  • the following technology has been known. 52
  • confidentiality of this information may be required for information transmission. Therefore, various encryption schemes have been devised.
  • FIG. 33 shows an operation flowchart of an example of a conventional encryption device using a well-known encryption method. In the method of this example, the public key code method and the common key encryption method are used in combination.
  • the encryption device inputs a common key by the sender or generates a random key on the side of the encryption device to generate a common key and obtain the common key (step S 15 1 y) 0
  • the common key is encrypted using the public key of the receiver using public key cryptography, and is used as an encryption key (step S152y).
  • the plaintext is encrypted using the common key to generate a ciphertext (step S 1 5 3 7) o
  • a plaintext is compressed using a hash function to create a message digest MD ⁇ (step S154y).
  • a digital signature is added by encrypting the MD 7 with the private key of the sender (step S155y).
  • FIG. 34 shows an operation flowchart of a decryption device using a decryption method corresponding to the encryption / digital signature method.
  • the decryption device Upon receiving the encryption key, the ciphertext, and the digital signature, the decryption device first decrypts the encryption key using the recipient's private key to obtain a common key (step S161 ⁇ ).
  • the ciphertext is decrypted by using the common key to obtain a plaintext (step S 1 62 ⁇ ) c 53.
  • the plaintext obtained by decryption is compressed with a hash function, and the message message MD
  • step S 1647 the digital signature of the received message digest MD ⁇ is decrypted with the sender's public key to obtain MDy (step S 1647) 0
  • this MDY is compared with the previous MD' ⁇ to verify that the original plaintext has not been tampered with.
  • identity verification can confirm the identity of the plaintext celebrity.
  • FIG. 35 shows the information composed of ⁇ data parts (plaintext) and the structure of the encrypted information generated from this information.
  • the encryption information in this case includes an encryption key corresponding to each data packet, a ciphertext of the data part, and a digital signature of the data part.
  • the size of a digital signature attached to a 69-byte data part is 23,299 bytes.
  • the present invention has been made in view of the above points, and can reduce the overhead of encrypted information obtained by encrypting information including a plurality of data parts (plain text), and can be used by a plurality of users. It is an object of the present invention to provide an encryption device, a decryption device, a method, and a recording medium which are capable of simultaneously verifying and falsifying each data part for falsification.
  • a third embodiment will be described with reference to the drawings.
  • FIG. 19 is a block diagram illustrating a configuration of an encryption device and a decryption device according to an embodiment of the present invention.
  • the encryption / decryption device 10 T / of the present embodiment includes a key encryption unit 11 ⁇ , a key decryption unit 12 ⁇ , an encryption unit 13 ⁇ , and a decryption unit 14 ⁇ .
  • the key encryption unit 11 ⁇ is composed of the common key acquisition unit 15 ⁇ , the common key encryption unit 16 ⁇ , and the first It is composed of a common key tampering detection information creation unit 1.7 ⁇ as a tampering detection information creation unit.
  • the key decryption unit 12 ⁇ is composed of a common key decryption unit 18 ⁇ , a common key falsification information creation unit 19 ⁇ as a second common key falsification detection information creation unit, and a falsification as a first falsification verification unit.
  • the verification unit consists of 20 ⁇ .
  • the encryption unit 13 ⁇ includes a data encryption unit 21 ⁇ and a data tampering detection information creation unit 22y as a first data tampering detection information creation unit.
  • the decryption unit 14 V is composed of a data decryption unit 23 y, a data tampering detection information creation unit 24 7 as a second data tampering detection information creation unit, and a tampering verification unit 25 ⁇ as a second tampering verification unit.
  • the common key acquisition unit 15 ⁇ acquires or generates a common key used for encryption.
  • the common key is generated using, for example, a random number generation device or the like.
  • the common key encryption unit 16 ⁇ encrypts the common key using a public key code system such as the RS ⁇ system or the elliptical system.
  • the public key used for encryption uses the public key of the member who shares the information.
  • the common key is encrypted using the public keys possessed by the three members, and three encryption keys are created.
  • the common key tampering detection information creation unit 17 ⁇ creates key information to be used for verifying the validity of the common key (1. not falsified, 2. created by a valid user, etc.).
  • the common key was compressed with a hash function such as MD5 or SHA-1 to create a message diage MDy of the common key, and a digital signature was applied to this MD using the secret key of the common key creator. Can be used as key information.
  • a digital signature method such as DSA may be used in addition to the public key encryption method.
  • the common key decryption unit 18 ⁇ decrypts the encryption key encrypted by the common key encryption unit 16 ⁇ using a public key cryptosystem.
  • the secret key used for decryption the secret key of the user who performs decryption is used.
  • Common key falsification detection information creation unit 1 9 56 y creates common key falsification detection information used to confirm the validity of the common key. For example, a message digest MD′ ⁇ is created by compressing the common key decrypted by the common key decryption unit 18 ⁇ with a hash function.
  • the tampering verification unit 20 ⁇ is shared by comparing and verifying the key information (for example, MDT) and the common key falsification detection information (for example, MD'y) created by the common key falsification detection information creation unit 19 ⁇ . Check the validity of the key. In order to confirm the validity of the common key, it is necessary to confirm the validity of the creator of the common key itself, but this is specified separately.
  • the data encryption unit 21 ⁇ encrypts the data parts (plaintext) using a common key cryptosystem to generate a ciphertext.
  • the common key used for encryption uses the common key obtained or generated by the common key acquisition unit 15 ⁇ , and when using existing encryption information, the common key decryption The common key decrypted by the decrypting unit 18 ⁇ is used.
  • the data tampering detection information creation section 22 creates first data tampering detection information for verifying whether the data parts have been tampered with. For example, a message digest obtained by compressing a data part using a hash function, partial information extracted from the data part, an ID number, and the like can be used as the first data tampering detection information.
  • the data decryption unit 23 decrypts the ciphertext using the common key cryptosystem.
  • the data tampering detection information creation unit 24 ⁇ generates second data tampering detection information corresponding to the first data tampering detection information to verify whether the data parts have been tampered with. For example, a message digest created by compressing the original data decrypted by the data decryption unit 23 y using a hash function, partial information extracted from data parts, ID number etc. 57
  • the falsification verifying unit 25 ⁇ checks the validity of the original data part by comparing and verifying the first data falsification detection information and the second data falsification detection information.
  • the common key encryption unit 16 V and the data encryption unit 21 ⁇ may be realized by the same device.
  • the common key decryption unit 18 ⁇ and the data decryption unit 23 ⁇ may be realized by the same device.
  • the common key tampering detection information creation units 17 ⁇ and 19 ⁇ or the data tampering detection information creation units 22 ⁇ and 24 ⁇ may be realized by the same device.
  • the encryption / decryption device according to the present embodiment may be realized and used as an independent device instead of a single device.
  • the encryption device according to claims 51 and 52 can be composed of a key encryption unit 11 # and an encryption unit 13y. Further, the encryption device according to claim 53 can be configured by a key encryption unit 11 1, an encryption unit 13 ⁇ , and a key decryption unit 12.
  • the decryption device according to claims 54 and 55 can be composed of a key decryption unit 12 and a decryption unit 14 ⁇ .
  • FIG. 20 shows a use form of the encryption / decryption device 10 ⁇ of the present embodiment.
  • an information storage device 30 ⁇ composed of a server and other terminal devices connectable to the network, and a terminal device 317 provided with an encryption / decryption device 10 ⁇ are connected via a network.
  • the information storage device 30 ⁇ includes a non-volatile recording device such as a hard disk or a magneto-optical disk, and can store cipher text, data tampering detection information, an encryption key, key information, and related information as encryption information. .
  • input to the terminal device 3 1 ⁇ as a peripheral device.
  • the input device refers to an input device such as a keyboard and a mouse.
  • the display device refers to a cathode ray tube (CRT) or a liquid crystal display device.
  • the encrypted information may be stored in the local terminal device 31 ⁇ and used for a standalone loan.
  • the common key obtaining unit 15 ⁇ obtains a common key or generates a common key by input from the outside of the encryption / decryption device 10 ⁇ (step S 3 0 1 y) 0
  • the key encryption unit 16 ⁇ generates an encryption key obtained by encrypting the common key using the public key of the user obtained in advance via the network (step S302y). ).
  • the common key tampering detection information creation unit 17 ⁇ creates information about the common key creator, such as the secret key of the common key creator, as key information as common key tampering detection information (step S303T). .
  • Data encryption unit 2 1 ⁇ encrypts data part 1 ⁇ (plaintext) and encrypts 59
  • step S 304 y is generated (step S 304 y), and the data tampering detection information creation section 22 ⁇ creates data tampering detection information 1 y that is information on data part 1 ⁇ from data part ly (step S 304). 305).
  • step S 304y the process from step S304y to step S305y is repeated n times.
  • a set of ciphertexts 1, 2, ' ⁇ , n, data tampering detection information 1, 2, ⁇ , n, key information, and an encryption key is transmitted to the information storage device 30 y as encryption information ( Step S306 y).
  • the above explanation is for a single user and a single type of encryption key.
  • step S302 ⁇ m kinds of encryption keys are generated using the public key of each user. That is, an encryption key corresponding to each user is generated.
  • Figure 22 shows the structure of the information before encryption and the structure of the encrypted information.
  • the data parts 1, 2,..., N before the encryption are used, and the encrypted information is ciphertext 1, 2,..., N and the data tampering detection information 1, 2,. ⁇ , N and encryption keys 1, 2, ⁇ , m and key information are created.
  • the operation of the encryption / decryption device 10 # when decrypting the encryption information including the ciphertext of a plurality (n) of data parts will be described with reference to the operation flowchart of FIG. .
  • This process can be performed by the person who owns the private key that is paired with the public key used to create the encryption key. ' 60
  • the encryption / decryption device 10 ⁇ acquires the encryption information stored in the information storage device 30 ⁇ (step S501y).
  • the encryption key included in the encryption information is associated with a user name, a user ID, and the like, and the encryption key corresponding to the user is transmitted from the information storage device 30 y to the encryption / decryption device 10 ⁇ .
  • the common key decryption unit 18 ⁇ decrypts the encryption key using the user's secret key to obtain a common key (step S502y).
  • the common key tampering detection information creating unit 19 # creates common key tampering detection information from the common key obtained in step S502 ⁇ (step S503 ⁇ ).
  • the tampering check part 2 0 gamma is common key falsification detection information to verify compare verifies the validity of the key generator (step S 5 0 4 y) 0 In this case the acquired key information, two pieces of information match By doing so, the legitimacy of the key creator can be determined. If it is determined in step S504 ⁇ that the key creator is valid, the following processing is sequentially performed on a set of ⁇ ciphertexts and ⁇ data tampering detection information.
  • the data decryption unit 23 ⁇ decrypts the ciphertext using the common key (step S505y) c. Then, the data tampering detection information creation unit 24 converts the decrypted data parts into (Step S506y) c
  • the data tampering detection information created here is referred to as first data tampering detection information
  • the data tampering detection information held as the 61st information is referred to as second data tampering detection information.
  • the falsification verification unit 25 ⁇ compares the generated first data falsification detection information with the second data falsification detection information that is a part of the encrypted information, and verifies whether the falsification has been performed (step S5). 0 7 y).
  • step S508y the decrypted data pad (plaintext) is output (step S508y).
  • the encryption key is associated with the user name, user ID, etc., so that the key decryption unit 12 ⁇ / uses only the encryption key corresponding to the user. .
  • the above steps S502T to S504 Set y as follows. First, in step S502y, all the encryption keys are decrypted.
  • step S503y common key tampering detection information is created for all of the common keys generated in step S5207.
  • step S504 / each common key falsification detection information and key information are compared and verified. When all the combinations are different, it is known that tampering has been performed, and if there is a match, the corresponding common key is known to be a formal common key.
  • the encryption information is created from the data bytes 1, 2, ..., n described above.
  • an encryption key and key information are obtained from the information storage device 30 ⁇ in which the encryption information is stored (step S601 ⁇ ).
  • the encryption key included in the encryption information is associated with a user name, a user ID, and the like, and the encryption key corresponding to the user is transmitted from the information storage device 30 ⁇ to the encryption / decryption device 10 ⁇ . Shall be granted.
  • the common key decryption unit 18 ⁇ decrypts the encryption key corresponding to the user using the user's private key (step S602y).
  • the common key falsification detection information generator 1 9 gamma to create a common key falsification detection information from the common key obtained in step S 6 0 2 ⁇ (Step S 6 0 3) 0 tampering verification unit 2 0 gamma is Then, the key information and the common key tampering detection information are compared and verified to see if they match, and the validity of the key creator is verified (step S640). In this case, the validity of the key creator can be determined by matching the two information.
  • step S604 ⁇ If it is determined in step S604 ⁇ that the key creator is valid, the data encryption unit 21 ⁇ encrypts the added data part ⁇ + 1 to generate a ciphertext ⁇ + 1 (step S 6 0 5 y) c Further, data tampering detection information creation unit 2 2 ⁇ is tampered with data part ⁇ + 1 63. Create detection information n + 1 (step S606g).
  • step S605y If the number of data parts to be added is L, the processing from step S605y to step S660y is repeated L times c and the ciphertexts n + 1, n + 2, ... ', n + L and tampering detection information n + 1, n + 2, ...
  • N + L are transferred to the information storage device 30 T and additionally stored as encrypted information (step S 607 y).
  • the key decryption unit 12 ⁇ uses only the encryption key corresponding to the user by associating the encryption key with the user name, the user ID, and the like.
  • the above steps S602 y to S6 0 4 make y as follows. First, in step S602 ⁇ , all the encryption keys are decrypted. When a plurality of encryption keys are decrypted in step S62027, a plurality of common keys including an unauthorized one are generated.
  • step S603y common key tampering detection information is created for all the common keys generated in step S6207.
  • step S604 each piece of common key falsification detection information and key information are compared and verified. When all the combinations are different, it is known that tampering has been performed, and if there is a match, the corresponding common key is known to be a formal common key.
  • Figure 25 shows the configuration before and after the encryption information is added.
  • the ciphertext n + 1, n + 2,..., N + L and the data tampering detection information n + 1, n + 2,. Indicates that it has been added to the encryption information.
  • the operation of the encryption / decryption device 10 ⁇ when adding a shared member to the team sharing the encryption information stored in the information storage device 30 ⁇ is shown in the operation flow shown in Figure 26. This will be described with reference to the chart. Here, a case will be described in which a shared member ⁇ adds a shared member C as a new shared member to a team to which the shared members ⁇ and ⁇ belong.
  • the encryption / decryption device 10 y accesses the information storage device 30 ⁇ by operating the shared member 1 to obtain the key information and the encryption key ⁇ corresponding to the shared member 1 (step S810 [gamma]).
  • the common key decryption unit 18 ⁇ decrypts the encryption key ⁇ using the secret key of the shared member who is the receiver to obtain a common key (step S 802 y) c Common key falsification detection information
  • the creating unit 19 ⁇ creates common key falsification detection information from the common key (step S803 ⁇ ).
  • the falsification verifying unit 20 ⁇ compares and verifies the acquired key information and the common key falsification detection information to confirm the validity of the key creator (Step S804y). In this case, it is verified that tampering has not been performed by matching the two information.
  • step S804 ⁇ when the validity of the key creator is confirmed, common key encryption section 1667 encrypts the common key using the public key of shared member C to be added as a shared member, and performs encryption. Generate the encryption key C (step S805y).
  • the key encryption unit 1 2 ⁇ transfers the generated encryption key C to the information storage device 30 ⁇ 6 ⁇ (Step S806 ⁇ ).
  • the encryption keys A, B, and C corresponding to the three shared members are stored in the information storage device 30 ⁇ , and thereafter, the added shared member C is assigned to the team encryption key.
  • Reference to modification information ⁇ Change etc. can be performed.
  • Figure 27 shows the configuration of encrypted information before adding shared member C and the configuration after adding shared member C.
  • the encryption key C for the shared member C which is a new shared member, is added to the original encrypted information as the encrypted information.
  • the operation of the encryption / decryption device 10 ⁇ when deleting a shared member will be described with reference to the operation flowchart shown in FIG.
  • the encryption / decryption device 10 # acquires a deletion command for deleting the shared member by the input operation of the shared member 10 (step S101 ⁇ ).
  • the data tampering detection information creation unit 2 2 ⁇ creates data tampering detection information corresponding to the delete instruction of the shared member ((step S 10 2 ⁇ ) 0
  • the encryption / decryption device 10 ⁇ The deletion information, which is a set of the shared member deletion instruction and the data tampering detection information serving as identification information for identifying the person who issued the deletion instruction, is transferred to the information storage device 30 ⁇ (step S103 ⁇ ).
  • the information storage device 30 has a function to identify the person who issued the deletion command. 66. It is assumed that the encryption key corresponding to the deletion instruction can be deleted. Further, as the data tampering detection information used here, the digital signature of shared member B for the delete instruction of shared member A may be used.
  • the information storage device 30 uses an ID, a password, or the like as identification information for identifying the person who issued the deletion instruction, and checks the information storage device 30 with the identification information registered in the information storage device 30 ⁇ . Moore.
  • Figure 29 shows the configuration of the encrypted information before deletion of shared member ⁇ and the configuration after deletion. Here, it is shown that the encryption key A for the shared member A has been deleted from the original encryption information as the encryption information.
  • the operation of the encryption / decryption device 10 ⁇ according to the present embodiment will be described in detail using a specific example.
  • user ⁇ is scheduled to be shared by team 101 ⁇ (three users ⁇ , B, and C belong) on October 1, 1998
  • the process when adding the terms "Seminar one participation" and "1 5: 0 0" to the item of is explained.
  • the information on the schedule includes encrypted information and unencrypted information.
  • the encryption / decryption device 10 ⁇ used by the user B includes an input unit (not shown) for receiving data input by the user ⁇ and a display unit (not shown) for displaying information. And First, the user ⁇ accesses the information storage device 30 y from the encryption / decryption device 10 ⁇ , and confirms whether or not he / she can access the schedule of October 1998 of team 101 y. If accessible, access Team 1 October 1's October 1998 schedule.
  • the information storage device 30 ⁇ transfers the schedule of October 1998 of Team 1998 to the encryption / decryption device 10 ⁇ , and the encryption / decryption device 10V displays its information. To display the schedule. At this stage, it is assumed that the schedule information has not been encrypted yet.
  • User ⁇ ⁇ uses the input unit of the encryption / decryption device 10 ⁇ to input “Seminar one participation” and “15: 0 00-” in the item on October 1, 1998. .
  • a common key is generated in the common key encryption unit 16 ⁇ . In this embodiment, this common key is called cKey1y.
  • the common key encryption unit 16 y encrypts the public keys of the user A, user B, and user C using, for example, the public key cryptosystem RSA.
  • the common key encryption unit generates three encryption keys corresponding to three users.
  • these encryption keys are referred to as eKeylAy, eKey1B ⁇ , and eKey1Cy, respectively.
  • the common key tampering detection information creation unit 17 ⁇ creates MD ⁇ , which is a message digest of the common key, and further uses this MD ⁇ with the digital signature of the user's private key.
  • the c data encryption unit 21 ⁇ in which the MD y that performed the digital signature is the key information is Signed K eyly uses the schedule data “seminar one participation” as the common key c K ey 1 Encrypt with ⁇ , ciphertext C rypt D a 68. Generate ta1y.
  • the data tampering detection information creation unit 22 ⁇ generates a message digest of “participation in seminar” Message D1 ⁇ using MD5 which is a hash function.
  • the procedure applied to "Seminar One Participation" is performed on the schedule data parts "15: 0 00-", and the encrypted text Crypt D ata 2 y of ⁇ 15: 0 00- "and the message digest Lead M essage D 2 /.
  • the information is transferred from the encryption / decryption device 10 ⁇ to the information storage device 30.
  • the configuration of the information stored in the information storage device 30 ⁇ at this time is shown in FIG.
  • Information for distinguishing the schedule created in the above processing, user ID and encryption key, key information, ciphertext, data tampering detection information and related information are stored.
  • the user ⁇ is added to the encrypted information created in the third embodiment by the team 101 (users A, B, Explains the processing when adding the terms “meeting” and “17: 00: 00-” to the items on October 2 of 199 8 in the schedule shared by the three members of C) I do.
  • the user A accesses the information storage device 30 from the encryption / decryption device 10 ⁇ , and confirms whether the user can access the schedule of the team 101 ⁇ in October 1998. 69
  • Information storage apparatus 3 0 T transfers the encryption key e K ey 1 A ⁇ and the key information S igned K eyl 7 to the encryption decoder 1 0 ⁇ .
  • User ⁇ uses the input section of the encryption / decryption device 10 ⁇ to enter “meeting” and “ 17:00:00” in the business item on October 2, 1998.
  • the common key decryption unit 18 ⁇ decrypts the encryption key eKey1 1 ⁇ by using the secret key of the user ⁇ to generate the common key cKey1 ⁇ .
  • the common key tampering detection information creation unit 19 ⁇ creates a message digest key D1′ ⁇ of the common key cKeyly.
  • the falsification verification unit 20 ⁇ decrypts the Keyed Keyly of the key information using the public key of the user B, and obtains the message digest key Dly of the common key before encryption. Then, the key D ly is compared with the key D l ' ⁇ . If the key D ly and the key D l 'y are equal, it is understood that the common key created by the user ⁇ ⁇ ⁇ belonging to the team 101 ⁇ can be obtained without tampering. Thus, the validity of the common key can be confirmed. Here, it is necessary for the user to determine whether the creation of the common key is legitimate, that is, to confirm the validity of the common key creator itself as information for confirming the validity of the common key creator. is there.
  • the fact that the common key creator is the user ⁇ is displayed as a dialog box on the display unit of the encryption / decryption device 1 ⁇ . And ask the user to confirm it, or from the information storage device 30 via a network. 70 It may be obtained as related information.
  • the data encryption unit 21 encrypts the “conference”, which is the data part of the schedule, with the common key cKey1 ⁇ , and generates a ciphertext CryptData3y.
  • the data tampering detection information creation unit 22 ⁇ generates, for example, a message digest Message D3 of "conference" using MD5 which is a hash function.
  • the team ⁇ ⁇ ⁇ created in the third and third embodiments and stored in the information storage device 30 y 1 998 10 10 The process when user C refers to the month schedule will be described. First, user C sends an error message from encryption / decryption device 10 ⁇ to information storage device 30 y. 71. Make sure you have access to the schedule for October 1980 on Team 101 ⁇ . If it is accessible, access the schedule of October 1998 in Team 101 ⁇ .
  • the information storage device 30 ⁇ encrypts and decrypts the schedule of the October 1 198 October 1998 and the encryption key e K ey 1 C ⁇ and key information S igned ⁇ ey 17 Transfer to device.
  • the common key decryption unit 18 y decrypts the encryption key eKey1Cy using the secret key of the user C to obtain the common key cKey1 ⁇ .
  • a message digest cKeyD'v of the common key cKey1 ⁇ is created by the common key tampering detection information creation unit 19 ⁇ .
  • the falsification verifying unit 20 ⁇ decrypts the Signed Keyy using the public key of the user B to obtain a message digest cKeyD ⁇ of the common key before encryption.
  • this message digest cKeyDy is compared with the previous message digest cKeyD' ⁇ . If these two message digests are equal, it can be verified that the common key cKey1 ⁇ created by the user ⁇ belonging to team 101 ⁇ can be obtained without tampering. That is, the validity of the obtained common key can be confirmed. Also, here, it is necessary to confirm the validity of the symmetric key creator itself, as described in the third-second embodiment.
  • the data decryption unit 23 ⁇ decrypts the ciphertext Crypt D ata 17 using the common key cK ey 17 obtained from the common key decryption unit 18 ⁇ . 72 This is where the plaintext "participation in the seminar" is obtained.
  • the data tampering detection information creating unit 24 ⁇ generates a plaintext message digest Message Dl' ⁇ using MD5 which is one of the hash functions.
  • the message digest message D17 transferred from the information storage device 30 ⁇ is compared with the message digest message D1′ ⁇ generated by the data tampering detection information creation unit 24 ⁇ . If these two message digests are equal, it can be understood that the data parts created by the person belonging to team 101y can be obtained without tampering.
  • Figure 32 shows a display example of the schedule after decryption.
  • the data part “Seminar Participation” entered by User B, “15: 00-” and the data part entered by User A “Conference”, “17: 00-” Can be seen by User C, who belongs to the same team.
  • shared members belonging to one team can freely add or change data parts for encrypted information, refer to data parts of other shared members, etc.
  • Confidentiality As an example, each size of lessage D ly,-., Message D 4 y is 16 bytes, and the size of key information is 230 bytes (there is a lower limit). 73. In this example,
  • the method of the present invention can reduce the amount of information compared to the conventional method.
  • the invention of the third embodiment may use a LAN or a dial-up network in addition to the Internet.
  • a program for realizing the encryption device, the decryption device, and the method of the present invention is recorded on a computer-readable recording medium, and the program recorded on the recording medium is read into a computer system. Encryption by executing
  • decoding processing may be performed.
  • the encryption program uses a common key encryption method to obtain or generate a common key used for encryption and a public key encryption method.
  • the function to create the first data tampering detection information from the plain text is realized by the computer.
  • the decryption program decrypts the encryption key using a public key cryptosystem and a function of decrypting the encryption key.
  • a computer is provided with a function of performing tampering verification based on the information and the second data tampering detection information.
  • falsification detection information is not created for each plaintext, and a key serving as falsification detection information is provided for a common key for encrypting each plaintext.
  • the inventions of the fourth to fourth embodiments are to create, manage, and create a team data list for hierarchizing teams such as departments and sections of a company composed of a plurality of users (members).
  • a team data list processing system for storing and sharing various information and various functions provided to users safely among users. More specifically, a team data list storage device that is responsible for processing related to the storage of team data lists, and a team data list that performs various management on the team data list obtained from the team data list storage device
  • the present invention relates to a system including a management device.
  • the following techniques have been known. 75-In order to share various resources such as various functions and information provided to users among multiple users, the user requesting access to these resources has the right to truly access the resources. It is necessary to provide a function for verifying whether or not there is a check.
  • FIG. 51 shows an overview of a conventional system that uses ACLs to share information among multiple users.
  • the intranet 1 ⁇ and the internet 2 ⁇ are connected to the server 56 via firewalls 36 and 4 ⁇ , respectively, and only those inside the intranet 1 ⁇ are connected. Instead, shared members 6 ⁇ outside the intranet share information with each other via the internet 2 ⁇ .
  • intranet 1 is a closed network such as a network established in a company, while Internet 2 ⁇ is a public network that spans the globe. is there.
  • the firewalls 30 and 4 ⁇ are computers to prevent malicious intruders from illegally accessing the intranet 1 ⁇ .
  • the server 5 is a terminal (computer) in which various resources are stored, and includes a database 7 storing shared information, a group that can access specific information or functions, and members belonging to the group. It has ACL 8 ⁇ that holds the member list.
  • This server 5 ⁇ is stored in database 7 76
  • the user authentication function that verifies whether the communication partner corresponding to the client is a previously authorized person, and the access to shared information based on ACL8 ⁇ . It has an access control function that verifies the feasibility and a group management function that enables only members belonging to a specific group to access specific shared information based on ACL8 ⁇ .
  • the server 5 ⁇ performs user authentication by referring to the ACL 8 ⁇ each time. If the user is defined as a member in ACL 86, access is permitted.
  • the server 5S checks ACL 8 ⁇ to see if the member is included in a specific group, and if the member has an access request. They try to determine whether they are allowed to access shared information.
  • the server-side administrator it may not be preferable to include the server-side administrator as a sharing member. For example, a system administrator belonging to the information system department of a certain company may not be able to access the company's personnel information that should be shared only within the human resources department.
  • the administrator of the server 5 ⁇ is authorized to set and manage the ACL 86.
  • the server administrator 5 ⁇ can make unauthorized access to the ACL 8 ⁇ , and it is impossible to prevent the setting contents of the ACL 8 ⁇ from being tampered with intentionally.
  • the server SV 77 In addition to this, besides the server administrator, the server SV 77
  • each section may be divided into several groups for different tasks.
  • it is very burdensome for the director of development to manage each section and the members of all groups belonging to each section. Therefore, in order to distribute such management burden, some people are assigned to assist the director of the development department, and these people are assigned to perform part or all of the management work.
  • the director of the development department is given only authority to perform tasks such as section creation and consolidation, and the internal management and information sharing itself of the section is left to the section manager and group leaders below it. Have been.
  • the conventional system described above has a problem in that flexible management and information sharing suitable for the organizational form of the company as described above are not considered at all.
  • the present invention has been made in view of the above points, and its purpose is to provide a server. 78 Preventing persons outside the team corresponding to the organizational unit of the company, including crackers, including crackers, etc. It is to provide a team data list processing system for realizing the functions. More specifically, only those who are specifically selected from the members who belong to each team can create sub-teams under the team, assign sub-team creation rights to specific persons, create sub-teams, etc.
  • An object of the present invention is to provide a team data list processing system that allows a specific person selected by an authority to manage a sub-team.
  • the fourth to fourth embodiments will be described with reference to the drawings. First, the team data list in the present invention will be described.
  • the team data list according to the present invention is a general term for a list that defines information about a team, and refers to a “set of members” applied to applications requiring highly confidential management such as the ACL described above. It is for definition. As described above, in the conventional system, terminal managers, network managers, and server managers who are not members of the team can change information about the team. On the other hand, in the team data list according to the present invention, information on the team is divided into a plurality of lists (authority list, authority data and member list, team master list, application list as described later) and managed. By doing so, team management such as layering the team and changing the team master itself can be performed only by members of the team.
  • a sub-team can be created under a team, thereby realizing a mechanism for simulating a hierarchical relationship in a company organization or the like and sharing information.
  • a plurality of specially selected humans A mechanism has been realized to grant the authority to create sub-teams to 79, thereby distributing the management burden so that the load is not concentrated on one administrator.
  • a mechanism has been implemented in which the sub-team creation authority is assigned to a specific person selected from within the sub-team for management within the sub-team. By doing so, the team manager does not need to be involved in managing and sharing information within the sub-team.
  • persons who can access the team data list are classified into three types, members, sub-authorities, and team masters, according to the contents of the authority, according to the hierarchical team.
  • the authority granted to the team data list is classified into three types, members, sub-authorities, and team masters, according to the contents of the authority, according to the hierarchical team.
  • the team master is the manager of a certain team and has the administrative authority to create sub-teams under the team.
  • a sub-authority is a person designated by the team master, and has the same administrative authority as creating a sub-team, like the team master, but is not allowed to appoint another person as a sub-authority. .
  • general members other than the sub-solar and the team master are those who share information and functions, and are not granted any privileges such as the right to create sub-teams.
  • the sub-solarity and team master are still members of the power team to which special authority is given, and in that sense the sub-solarity and team master are sometimes called members.
  • FIG. 37 is a block diagram showing the configuration of the entire system of the present embodiment including the team data list management device and the team data list storage device.
  • the team data list management device 300 and the team data list storage device 31 ⁇ have a team data list management function and a team data list storage function, respectively, which are described in detail below. Data is exchanged between each other using the communication function.
  • Both the team data list management device 30 ⁇ and the team data list storage device 31 ⁇ can be realized by a general computer such as a workstation, and the main memory of these computers respectively.
  • Stores programs (team data list management program, team data list storage program) for implementing the team data list management function and team data list storage function.
  • These programs are stored in portable storage media such as floppy disks, IC (integrated circuit) cards, magneto-optical disks, CD-ROMs (compact disks—read only memory), and hard disks built into computers. Some or all of them are stored in a computer-readable storage medium such as a large-capacity storage medium. That is, the program may be for realizing a part of the functions described in detail below, and further, these functions may be realized in combination with a program already recorded in the computer. Is also good. And
  • these programs are transferred from the storage medium to the main memory in advance under the direction of the CPU (central processing unit) on the computer. After that, the CPU executes the program transferred to the main memory, and thereby each part of the device is executed. 81 ⁇ is controlled to implement various processes described in detail below.
  • the “computer” mentioned here includes the OS (operating system) and hardware such as peripheral devices.
  • the computer-readable storage medium is not limited to those which statically store the program as described above, but may be dynamically stored for a short period of time through a communication line such as a dedicated line or a telephone line.
  • Main memory built into computer equipment such as servers, routers, and gateways that hold, transfer, and relay programs and data over networks such as the Internet, cache memory, servers, and clients. It includes all those that can hold programs for a certain period of time, such as volatile memory inside a computer that functions as such.
  • a storage device 32 ⁇ capable of constructing a database such as a hard disk is connected to the team data list storage device 31 ⁇ shown in FIG. 37.
  • the storage device 32 ⁇ stores a set of a team data list including a priority data 33 ⁇ and a priority list 34 ⁇ for each team composed of a plurality of members. Although only one set of authority data 33 ⁇ and authority list 34 ⁇ is shown in the figure for convenience of explanation, there are actually as many such sets as the number of teams.
  • FIGS. 38 3 and ⁇ show the detailed structure of the authority data 33 ⁇ and the authority list 34 ⁇ .
  • FIGS. 38C and 38D show notations for simplifying the stored contents of the authority data 33 ⁇ and the authority list 34 ⁇ in the following drawings. Things.
  • the authority data may be abbreviated as “AUD 0” and the authority list may be abbreviated as “AU L 0”.
  • the solitary data 33 ⁇ is data representing the relationship between a certain team and the sub-teams under it, and the team that ranks higher in the relationship with the sub-team is called the parent team.
  • the symbol "AUD ⁇ " indicates that the data is authority data
  • the authority data 33 ⁇ is a team ID 33 a ⁇ which is an identifier assigned to its own team.
  • Parent team ID 3 3 b ⁇ which is the team ID assigned to the parent team of this team
  • team creator 3 3 c 0 which means who created this team, members belonging to this team
  • the team master 33 d ⁇ that indicates to whom the team master authority was given, and the digital signature 33 eS that is digitally signed by the team creator 33 c ⁇ are included.
  • this authority data relates to Team 102 ⁇ which is a sub-team of Team 101 ⁇ .
  • the digital signature indicates that the team creator of this authority data is member ⁇ 6, and that the team master is member X ⁇ .
  • the authority list 340 is a list in which a plurality of managers in each team are registered, and includes data on the team master and sub-authority of the team.
  • the symbol “AUL ⁇ ” means the authority list
  • the authority list 34 ⁇ is the team ID 34 a ⁇ , team master 34 b ⁇ , sub-author for this team.
  • the team data list has a structure divided into AUDS, which is a list indicating the relationship between the parent team and sub-team, and AUL ⁇ , which is a list relating to sub-team management. I have.
  • the authority data 33 ⁇ and the authority list 34 ⁇ include the creation time of these data and list in addition to those shown in Fig. 38 3, 38 ⁇ , 38C, 38D. Timestamp, the digital signature algorithm used to create the digital signature 33 e ⁇ and the digital signature 34 d ⁇ , the validity period of the authority data 33 ⁇ and the authority list 34 4 ⁇ itself, and It contains data on the identification data of the individual solitary data 33 ⁇ and the authority list 34 ⁇ ⁇ itself. Also, as IDs (identifiers) for identifying members, sub-authorities, and team masters, there are various types such as names, e-mail addresses, organizational names, serial numbers of individuals, digital certificates, and the like. Can be used. Next, Fig.
  • the team hierarchy has a tree structure like a computer file system.
  • the ellipse in the figure represents the team, and the parent team and its sub-teams are connected to each other by a straight line. ing. Multiple sub-teams can be registered for each team. For example, sub-teams such as HR Division 1 and HR Division 2 can be registered under the HR team.
  • “Route ⁇ ” or “Route ⁇ ” is not used in the present embodiment, like a root directory on the file system. We call it a team.
  • both the team 102 ⁇ and the team 103 ⁇ are subteams of the team 101 ⁇ , and belong to the same hierarchy on the tree. Meanwhile, 84
  • FIG. 40 shows specific values for each team's authority list authority data corresponding to the team hierarchy shown in FIG.
  • a member list showing a list of shared members sharing information and functions with each other
  • the team data list is composed of three types of lists: authority list, authority data, and member list.
  • Each member list 101m6 to 104m0 shows a digital signature and a list of members of the creator of the member list, but there are various other members that match the purpose of use of the team.
  • each member list includes information about each member, such as e_mai 1 (e-mail) address @ your own address. By using these, information resources for each member can be obtained. Management can be done at the same time. According to the configuration shown in the drawing, by connecting the parent team ID described in the authority data, the team 101 ⁇ as the root can be reached from any of the sub-teams. In addition, for each team, multiple managers can create sub-teams.
  • team master ⁇ and sub-authorities B and C have the authority to create sub-teams, and As can be seen from the digital signature of the data 102 d S and 103 d ⁇ , the sub-teams 102 ⁇ and 103 ⁇ are created by the sub-authorities B and C of the team 101, respectively. are doing.
  • the authority data for a sub-team is to be created by the manager registered in the parent team for that sub-team.
  • anyone in the sub-team can become the team master of this sub-team at the direction of the parent team manager.
  • the digital signature of authority data 104 d6 is member V, sub-solarity V, one of the administrators of parent team 1 ⁇ 3 ⁇ , has authority data 1 04 d ⁇ has been created, and member L is nominated as the team master of team 104 ⁇ .
  • the authority list is created and digitally signed by the team master of each team.
  • the authority list 103 u ⁇ of team 103 is created by member X ⁇ who is the team master, and has a digital signature of member X ⁇ .
  • the member X can manage the data on the sub-solarity in the authority list 103 ⁇ ⁇ , and the manager of the parent team 101 ⁇ (ie, the team master ⁇ and the sub-authority) There is no interference from B, C).
  • the digital signer of the authority list is the creator of the team (ie, the team master or sub-authority of the parent team), for example, the HR manager can delegate the HR manager to internal management. You will have to manage it yourself.
  • the team master of each team also performs the digital signature of the membership, the management of the shared members in each team does not need to be interfered by the parent team. 86.
  • the team 103 m5 of team 103 ⁇ is digitally signed by Team Master X and cannot be managed by the parent team administrator. However, if the initial state of the sub-team when it is first created, or if the team master of the sub-team has been changed by the parent team's team master or sub-solarity, the digital signature of the authority list will be replaced by the sub-team's digital signature. It is a digital signature of the team master or subordinate of the parent team that created it.
  • the present embodiment is configured to separate the authority data and the authority list, and the parent team can refer to the authority data AUD ⁇ of the sub team, while the parent team can refer to the authority data AUD ⁇ of the sub team.
  • the authority confirmation function 35 ⁇ refers to the authority data 336 ⁇ ⁇ authority list 34 ⁇ from the client CLS side, When each change or deletion request is made, identify the requestor and determine whether to grant or deny these requests.
  • the list storage function 36 ⁇ is the authority confirmation function 35 ⁇ is the authority data 33 6 87-When using the list 34 ⁇ , take care of the process of acquiring these lists from the storage device 32 ⁇ , deleting them from the storage device 32 ⁇ , or storing them in the storage device 32 ⁇ . I have.
  • the list storage function 36 ⁇ must be interposed. However, it will not be explained one by one because it becomes complicated.
  • the list validity check function 37 ⁇ sequentially reads the parent team's authority list and authority data up to the root team, and finally In addition, the digital signature of Team Master No. 10 of Team 10 is checked to verify the validity of the authority list and the authority data. The legitimacy here means that the management of the team hierarchy is performed through a legitimate procedure without any tampering or over-rights act.
  • the AUD / AUL change function 38 ⁇ is added to the authority data 33 3 ⁇ authority list 34 4 ⁇ obtained by the list validity check function 37 ⁇ by adding members and administrators, In addition to making changes such as deletions and substitutions, when creating a sub-team, etc., new authority data 33 3 and an authority list 34 4 ⁇ may be newly created.
  • the digital signature function 3 9 ⁇ is a secret that only the changer can know about the authority data 3 3 ⁇ and the authority list 3 4 ⁇ processed by the AUD / AUL change function 3 8 6.
  • the digital signature of the creator or modifier of these lists ie, the team master or sub-authority
  • the public key management function 40 ⁇ accesses the public key database 41 ⁇ connected to the team data list management device 30 ⁇ , and Get the public key ID corresponding to the 88 key.
  • the public key database 41 ⁇ is not only in the oral form directly connected to the team data list management device 30 ⁇ , but also on the network such as the Internet.
  • the form that exists in the installed server for example, a certificate authority
  • the public key management function 40 ⁇ accesses the public key database 4 1 ⁇ via a homepage registered on the certificate authority, and from there the public key and public key ID described above are accessed. It can also be obtained in the form of a file.
  • the operation of the system having the team data list management device 300 and the team data list storage device 316 configured as described above will be described for each request made from the client CL ⁇ to the server SV 6. I will do it.
  • Figure 41 shows the procedure for creating a sub-team.
  • member C the sub-solarity of team 101 ⁇ shown in Fig. 40,
  • a sub-team 103 ⁇ with the team master as member X is created under the sub-unit 10 1 ⁇ .
  • This is equivalent to the case where a deputy general manager performs a task of establishing a new section under the human resources department on behalf of the human resources department.
  • the team data list storage device 31 ⁇ a team data list for the team 101 ⁇ created according to a valid procedure is stored in the storage device 326 in advance, and the root team 101 ⁇ Sub-teams are created using the management system of Team Master II.
  • a fixed value “Root 0” is set for the parent team ID of authority data 101 d ⁇ .
  • the team data list management device 303 sends a sub-team creation request to the team data list storage device 31 ⁇ (step S111 ⁇ ).
  • the team data list storage device 3 1 ⁇ acquires the authority data 10 1 d ⁇ and the authority list 10 1 u ⁇ from the storage device 3 2 ⁇ and stores them in the team data list management device 3. Send to 0 ⁇ .
  • the team data list storage device 31 ⁇ also includes the team data list for the sub-teams (ie, the team 102 ⁇ shown in Fig. 40) if there are sub-teams under the team 106.
  • the data is sent to the team data list management device 30 ⁇ (step S 12 ⁇ ).
  • the AUD / AUL change function 38 ⁇ changes the parent team ID to the team 1010 and the team ID to the team 10 3 based on the instruction from the member C ⁇ .
  • Authority data 103 d ⁇ with ⁇ and the team master as member X is created, and a authority list 103 ua ⁇ with the team master as member X is created.
  • the AUD / AUL change function 38 ⁇ passes the created authority list 103 ua S together with the authority data 103 d ⁇ to the digital signature function 39 ⁇ .
  • the digital signature function 39 ⁇ obtains the secret key for member C from the secret key file or the IC card in which the secret key is recorded, and based on this, sends the key sent from the AUD / AUL change function 38 ⁇ .
  • the digital signature of member C, the requester is applied to the solicited data 103 d ⁇ and the authority list 103 ua0. 90 Do it.
  • the digital signature of the authority list 103 ua0 is not the one of Team Master X, but the digital signature of the creator of the sub-team (above, step S 13 ⁇ ;).
  • the digital signature function 39 ⁇ stores the authority data 103 d ⁇ and the authority list 103 ua S created for the team 103 ⁇ in the team data list storage device 31.
  • the request is sent to ⁇ to make these storage requests (step S 14 S).
  • the authority confirmation function 35 ⁇ confirms the authority shown in the flowchart of FIG.
  • the authority confirmation function 35 ⁇ identifies that the requester who made the storage request is the member C (step S 3 1 ⁇ ), and the authority data 1 0 1 d ⁇ for the team 10 1 ⁇ Then, it is determined whether or not the member C is a team master or a sub-solarity of the team 101 ⁇ ⁇ based on the authority list ⁇ ⁇ ⁇ ⁇ ⁇ (step S32 ⁇ ). In this case, since the member c is a sub-authority of the team 101 ⁇ , a request to save the data created by a person with the right authority is made and the judgment is made (the judgment result of the step is “YE S”).
  • the authority confirmation function 35 ⁇ is the requester both with the created sub-team 103 ⁇ 's solidity data 103 d ⁇ and the digital signature of the authority list 103 ua 0 Confirm that it belongs to member C (step S33 ⁇ ).
  • the judgment result in this step is “YES”, and the authority confirmation function 35 ⁇ indicates that the sub team was created with normal authority.
  • step S 3 4 S the storage device 3 2 ⁇
  • the authority check function 35 5 stops the processing without performing the required saving operation
  • the creation of the sub team is completed.
  • a member X who is the team master of the team 103 ⁇ has made a management request to the team, such as setting information sharing members and sub-team creation authority.
  • a management request to the team, such as setting information sharing members and sub-team creation authority.
  • the team data list management device 30 ⁇ based on the management request instructed by the member X, adds the team data list relating to the parent team 103 ⁇ to the team data list.
  • Require storage device 3 1 ⁇ (step S 16 S).
  • the team data list storage device 3 1 ⁇ is based on the request contents, and the sub-team 103 ⁇ and all parent teams up to the root team (in this case, the root team 10 1)
  • the team data list relating to ( ⁇ only) is transferred to the team data list management device 300 side (step S17 ⁇ ).
  • the list validity check function 37 ⁇ checks the validity of the transferred list according to the processing procedure shown in the flowchart of FIG. 7 (step S1).
  • the list validity confirmation function 3 7 ⁇ is the originality data of the team 10 3 ⁇ to be managed 10 3 d ⁇ and the digitality of the authority list 10 3 ua S Referring to the signatures, it is checked whether they have been tampered with (step S41 ⁇ ). 92. Cancel the processing to be performed (the judgment result of the step is “NO”) c—If the judgment result of the step is “YES” and there is no tampering, the list validity confirmation function 37 ⁇ From the authority data 103 d ⁇ , it can be confirmed that the member X is the team master of the team 103 ⁇ .
  • the list validity check function 37 ⁇ confirms from the authority list 103 ua S that the digital signer is the member X who is the team master. However, as described above, this is a transition period in the process of creating a sub-team, and the digital signature of the authority list 103 ua 5 is the member C ⁇ who is the sub-team creator. Whether member C has a legitimate right to create a sub-team is determined by member C as a team master or sub-authority of parent team 101 ⁇ in the process described below (step S45 ⁇ ). It is confirmed by checking whether it has been performed (step S 4 2 ⁇ ).
  • the list validity check function 37 ⁇ knows that the parent team is team 101 ⁇ from the parent team ID of the originality data 103 d ⁇ (step S 43 ⁇ ), and the parent team Check whether the digital signatures of the originality data 101 d ⁇ and the authority list 101 u ⁇ have been tampered with (Step S440) c. If this is the case, the list validity confirmation function 3776 stops the processing (the judgment result of the step is "NO”); and the judgment result of the step is "YES”. If there is no tampering, it is confirmed whether or not the creator of the team 103 ⁇ is the team master or the sub-solarity of the parent team (step S45 ⁇ ).
  • the digital signer of the authority data 103 d ⁇ of team 103 ⁇ is member C, and the authority list 101 0 ⁇ of the parent team 101 ⁇ is assigned to member C.
  • the authority list 101 0 ⁇ of the parent team 101 ⁇ has valid creation authority 93-It can be confirmed that it was created by the person (the judgment result of the step is "YES"). If the result of the determination in this step is "NO”, the list validity confirmation function 3776 stops processing assuming that an illegal act has occurred.
  • the list validity check function 37 ⁇ checks whether the parent team 101 ⁇ is the root.In this case, the authority data of team 101 ⁇ is the parent team of 101 d ⁇ .
  • the list validity check function 37 ⁇ examines the authority data 101 d ⁇ of the team 101 ⁇ and finds that the team master is a member ⁇ . Since the authority data 101 d ⁇ and the authority list 101 U0 are digitally signed by this member A, it is confirmed that the team hierarchy is properly managed under the team master ⁇ . Yes (step S47 ⁇ ). Finally, the member X itself operates the team data list management device 306, and under the team hierarchy managed by the team master ⁇ of the root team 101 ⁇ , a team data list such as information sharing is provided. Approve that the use of the site or the use of the hierarchical team is performed, and notify the list validity confirmation function 37 ⁇ of this.
  • the list validity check function 37 ⁇ has been created by the sub-authority C designated by the team master ⁇ of the team 101 ⁇ and has created the authority data and the authority list for the team 103 ⁇ . It can be confirmed that these team data lists have been acquired in a normal state from the team data list storage device 31 ⁇ . Therefore, the list validity check function 37 ⁇ passes the team data list transferred from the team data list storage device 316 to the AUD. AUL change function 38 ⁇ . Note that step S 4 6 ⁇ in FIG.
  • the list validity check function 3 7 Changes the target team to the parent team and moves up the team hierarchy one step toward the root team (step S496), and the parent team becomes team 101 ⁇ as the root team (step S49).
  • the loop consisting of steps S42S to S46S and step S49 ⁇ is repeatedly executed until the determination result of S46 ⁇ is "YES”.
  • the AUD / AUL change function 38 ⁇ is the authority list 1 that adds members W and members V as sub-solars to the team 103's authority list 103 ua0.
  • step S 196 this is transferred to the team data list storage device 31 ⁇ together with the authority data 103 d ⁇ , and a storage request for these team data lists is made (step S 196). 2 0 ⁇ ).
  • the authority confirmation function 3 5 ⁇ is used in response to a storage request from the team data list management device 3 0 ⁇ , the team 10 0 stored in the storage device 3 2 ⁇ . Based on the team data list relating to 1 ⁇ and the team data list relating to 103 ⁇ transferred from the client side, the authority confirmation shown in the flowchart of FIG. 44 is performed. That is, first, the authority confirmation function 35 ⁇ identifies that the requester who instructed the storage request is the member X (step S510), and transferred the transferred authority data 1. 95-
  • the requester determines whether the team master of the team 103 ⁇ , the team master of the parent team 101 1 ⁇ , or the sub-solarity To see if any of them match.
  • the requester member X has been registered as the team master of team 103 ⁇ (the judgment result in step S5262 is “YE S”), so the authority confirmation function 35 ⁇ is required. Determine that the user has the right to the storage request. By the way, if the judgment result of this step is "NO”, the authority confirmation function 35 ⁇ stops processing assuming that the requester has not been given valid authority.
  • the authority check function 35 ⁇ checks whether the digital signer of the authority data 103d ⁇ matches the parent team's team master or sub-authority.
  • the digital signer of the authority data 103 d 0 is member c and a sub-authority of the parent team 101 ⁇
  • step S53 ⁇ determines that the requester has valid authority for the storage request. By the way, if the judgment result of the step is "NO”, the authority confirmation function 35 ⁇ stops processing as if there is a revision or an illegal act.
  • the authority confirmation function 35 ⁇ confirms whether the digital signer of the authority list 103u6 matches the team master registered in the authority data 103d ⁇ . In this case, the digital signer of the authority list 103 u ⁇ is the team master X indicated by the authority data 103 d ((judgment result of step S 5 4 ⁇ is “YE S”).
  • Step S5 5S Update the contents of step 96 (Step S5 5S) C If the judgment result of Step S54 4 ⁇ is “NO”, the authority confirmation function 35 5 ⁇ is regarded as having been tampered or fraudulent. The processing is stopped, and the storage processing in step S55 ⁇ described above is not performed. As described above, based on the team data list stored on the server SV ⁇ side, the member X is ideally the legitimate team 103 ⁇ in the management system of the root team team master ⁇ . It can be verified that he has been appointed as the team master (step S21 ⁇ in Fig. 41).
  • a member ⁇ registered as a sub-authority in the root team 101 ⁇ changes the team master of team 103 ⁇ which is a sub-team from member X to member ⁇ .
  • the team data list management device 30 ⁇ sends a change request for the team data list relating to the sub team 1030 to the team data list storage device 316 (step S61 ⁇ ).
  • the team data list storage device 3 1 ⁇ is the same as the step s 1 2 ⁇ in FIG.
  • Step S62 ⁇ Transfer the data list to the team data list management device 30 ⁇ side (Step S62 ⁇ ).
  • the list validity check function 37d is transferred to the team data list according to the processing procedure described in Fig. 43. 97 is verified (step S636), and if the validity is verified, the transferred team data list is passed to the AUD / AUL change function 38 ⁇ .
  • AUD / AUL change function 3 8 ⁇ changes the team master from member X to member ⁇ ⁇ ⁇ ⁇ for authority data 103 d ⁇ in the delivered team data list according to the instruction from member ⁇ , and makes this change.
  • the obtained authority data and the passed authority list are sent to the digital signature function 39 ⁇ .
  • the digital signature function 39 9 ⁇ obtains the private key for member ⁇ ⁇ from the above-mentioned private key file, etc., and applies a digital signature to the team data list sent, so that the authority data 103 db After the ⁇ and the authority list 103ub6 are created (step S646), these team data lists are transferred to the team data list storage device 31 ⁇ to make a storage request (step S64). S65 ⁇ ) 0 In the team data list storage device 316, based on the team data list to which the authority confirmation function 35 ⁇ was transferred, the authority is confirmed according to the procedure shown in Fig. 44. When the validity is confirmed, the transferred team data list is stored in the storage device 32 ⁇ .
  • the difference from the sub-team creation step S21S in Fig.
  • the teams involved in the team 103 ⁇ 98 As a data list, two sets of authority lists with different creation times and authority data, that is, each team data list before and after the change of the team master are stored.
  • the team data list storage device 31 ⁇ gives the digital signature of the member ⁇ who is the new team master of team 103 ⁇ to the authority list 103ub ⁇ in order to give it a digital signature.
  • the solitary data 103 db ⁇ and the solitary list 103ub5 are transferred to the team data list management device 30 ⁇ (step S66 ⁇ ).
  • the list validity check function 37 ⁇ verifies the validity of the transferred team data list according to the processing procedure in FIG.
  • the digital signature function 39 ⁇ obtains a secret key for member ⁇ ⁇ from the above-mentioned secret key file and the like, and performs a digital signature of member Z on the authority list 103 ub 5 based on this.
  • a solitary list 103 ucS is created (step S67 ⁇ ).
  • the digital signature function 396 transfers the created authority list 103 uc5 to the team data list storage device 31 ⁇ together with the authority data 103db ⁇ (step S68 ⁇ ). .
  • the team data list storage device 316 checks the authority according to the processing procedure shown in Fig.
  • the obtained team data list is stored in the storage device 326, and the team data list relating to the team 103 ⁇ is updated. This means that the Team Master has been changed following the normal procedure.
  • Fig. 46 for the processing procedure for changing the sub-solarity.
  • the team master ⁇ ⁇ power of the team 101 ⁇ which is the root; and the case where the authority to create a member ⁇ ⁇ ⁇ ⁇ registered as a sub-authority by this team 101 ⁇ is Will be described as an example.
  • the team 103 ⁇ whose sub-authority ⁇ is the creator due to the change of the team master shown in Fig. 45 is assumed.
  • the figure also shows two cases, one in which team 1303 is deleted as the authority to create sub-authority ⁇ is deleted, and the other in which team 1303 is continued. Is shown. Therefore, when the member ⁇ instructs the request to the team data list management device 306, it also instructs whether to keep the team 103 ⁇ .
  • the team data list management device 30 ⁇ sends a change request (deletion request) to the sub authority ⁇ registered in the team 101 ⁇ to the team data list storage device 31 ⁇ (step S 7 10): Accordingly, the team data list storage device 3 1 ⁇ refers to the authority data of the sub-teams under the team 101 ⁇ and selects the sub-team ⁇ ⁇ ⁇ After searching for the team 103 ⁇ for which the creator is the creator, the team data list for the team ⁇ ⁇ ⁇ ⁇ and team ⁇ 0 3 ⁇ is transferred to the team data list management device 30 ⁇ (step S720). In the team data list management device 30 ⁇ , the list validity checking function 37 ⁇ checks the validity of the transferred team data list according to the processing procedure described in FIG. If the team data is verified, the team data list transferred to the AUD / AUL change function 388 is passed. 100
  • AUL change function 3 8 ⁇ is a member from the sub-authorities described in the originality list ⁇ ⁇ ⁇ ⁇ ⁇ in the team data list delivered based on the instruction content from member ⁇ ⁇ ⁇ .
  • a solution list l Olub S from which ⁇ has been deleted is created (step S73 ⁇ ).
  • the AUD / AUL change function 3 8 ⁇ deletes the digital signature of the member ⁇ added to the authority data 103 db ⁇ to create the authority data 103 dc ⁇ (step S 74 S).
  • the AUD 'AUL change function 38 ⁇ sends the authority data 103 dc ⁇ and the authority list 103 uc ⁇ to the digital signature function 396.
  • Digital signature function 39 9 performs one of the following two processes according to the instruction from member ⁇ . First, if there is a request to continue Team 103 ⁇ , the digital signature function 39 ⁇ considers that the existence of Team 103 ⁇ has been approved by the member ⁇ The secret key for member A is obtained from the above, and based on this, the digital signature of member ⁇ ⁇ is attached to the authority data 103 dc ⁇ to create the authority data 103 dd ⁇ (step S75) 0). Next, the digital signature function 39 ⁇ transfers the authority data 10 1 (1 ⁇ , 103 dd ⁇ and the authority list l Olub ⁇ , 103 uc S to the team data list storage device 31 ⁇ .
  • a request is made to save the team data list (step S760)
  • the authority confirmation function 35 ⁇ is based on the transferred team data list.
  • the authority is confirmed according to the procedure shown in FIG. 44, and when the validity is confirmed, the content of the storage device 320 is updated with the transferred team data list (step S77) S)
  • 101 Digital signature function 3 9 ⁇ is a team data list storage device for team 10 1 ⁇ , that is, authority data 10 1 d ⁇ and authority list l Olub ⁇ .
  • an instruction to invalidate the team 103 ⁇ is sent to the team data list storage device 31 ⁇ (step S78 ⁇ ).
  • the authority confirmation function 3 5 6 matches the authority list 1 0 1 u 6 stored in the storage device 3 2 ⁇ with the sent authority list l Olub S By doing so, the deletion of sub-authority B can be recognized.
  • the authority confirmation function 35 ⁇ is based on the contents of the authority data 101 d ⁇ and the authority list 101 ub ⁇ , and the team master is a member ⁇ and these team data lists are It can be seen that all members are digitally signed by this member A.
  • the authority confirmation function 35 ⁇ determines that the team master ⁇ has deleted the sub-authority B ⁇ with valid authority, and the authority data 101 d ⁇ and the authority list l Olub S The team data list of the team 100 in the storage device 3 2 ⁇ is updated with the contents of the above.
  • the authority confirmation function 35 ⁇ deletes the authority data and the authority list relating to the team 103 ⁇ from the storage device 32 ⁇ (above, step S79 ⁇ ). As described above, the authority to create sub authority ⁇ has been deleted from the team data list on server SV ⁇ .
  • the team data list management device 30 ⁇ notifies the team data list storage device 31 ⁇ of the digital signature of the member C as described later.
  • the team data list management device 30 ⁇ becomes a member by the digital signature function 39 ⁇ .
  • a command to delete team 103 ⁇ with the authority of member C and the digital signature of member C are combined and transferred to the team data list storage device 31 ⁇ .
  • S 8 1 ⁇ As a method other than attaching a digital signature, a method called “shake hand” or “challenge response J” (details will be described later) that certifies at the time of transfer of the deletion instruction may be adopted.
  • the shake hand will be described as an explanation in accordance with the method using a digital signature:
  • the team data list storage device 3 1 ⁇ is converted from the team data list management device 3 0 ⁇ to the team 10 3 ⁇
  • the authority confirmation function 3 5 ⁇ is received
  • the authority confirmation function 35 ⁇ compares the digital signature of member C described in the authority data 103d ⁇ with the digital signature of member C attached to the deletion instruction, and if these match, Being By confirming with 103, it is possible to confirm that the person who ordered the deletion is definitely Member C himself. In this way, the authority confirmation function 35 ⁇ is determined to be a delete instruction issued with a proper authority, and the authority data 10 3 d ⁇ and the authority 10 The list 103 u ⁇ is deleted (step S820).
  • the authority confirmation function 3 5 ⁇ refers to the team data list for team 10 10 and team 10
  • the sub-authority C registered in ⁇ is the creator of Team 103 ⁇ , and this sub-solarity C has been designated as the sub-authority by the team master ⁇ of the parent team 110 It turns out that it is.
  • the authority confirmation function 356 is deleted by comparing the digital signature of member ⁇ described in the authority data 101 d ⁇ with the digital signature of member A attached to the deletion instruction. Confirm that the person who instructed is definitely Member A himself. In this way, the authority confirmation function 35 ⁇ determines that this is a delete instruction issued with valid authority, and from the storage device 32 ⁇ , the solution for the team 103 ⁇ is determined.
  • step S 84 ⁇ The team master A completes the deletion process of the team 103 ⁇ by c or more. It will be done. In addition to the members described above, for example, it is also possible to delete the team 103 ⁇ in which the member ⁇ registered as a sub-authority in the team 101 ⁇ is a sub-team. Lastly, the details of the above-described shake hand or challenge response processing procedure will be described with reference to FIG. First, when accessing the server SV ⁇ , the client CLS sends the user name (user C or member ⁇ in FIG. 47) and the user public key to the server SV ⁇ (step S 1). 0 1 0).
  • the server SV 0 generates a random number, stores it internally, encrypts the random number with a user public key (step S 102 ⁇ ), and transmits the encrypted data to the client CLS as “challenge data”.
  • the client CL ⁇ decrypts the challenge data sent from the server SV ⁇ with a secret key corresponding to the user public key (step S104 ⁇ ), and converts the obtained decrypted data into a “challenge response”. Is returned to the server SV ⁇ (step S 1 050).
  • the server S ⁇ compares the challenge response sent from the client CL6 with the random number generated in step S102 ⁇ to confirm the communication partner.
  • step s101 ⁇ it is possible to confirm that the person who knows the secret key corresponding to the user public key sent in step s101 ⁇ is the communication partner (successful authentication). On the other hand, if the two do not match, it is known that the communication partner may not be a person with valid authority (authentication failure) (step s106 ⁇ above).
  • the server s V ⁇ is the same as the one obtained in step S 106 ⁇ .
  • 105 Notify the authentication result (authentication success or authentication failure) to the client CL ⁇ (step S107 ⁇ ).
  • the server SV ⁇ can confirm that the member C ⁇ member ⁇ is the same person as in the case where the digital signature is attached.
  • the “user public key number” may be sent.
  • the user public key number referred to here is information for identifying and authenticating the user himself / herself, and is a serial number assigned in advance to each user public key. More specifically, the user public key number is information corresponding to each user public key for uniquely identifying the user public key. For example, the user public key number is included in the certificate issued by the above-mentioned certificate authority. This is the serial number of the certificate.
  • various information such as an ID and a name for actually identifying the key creator himself / herself can be used in addition to the user public key number just described.
  • FIG. 49 illustrates the layering of teams according to the present embodiment, in which applications that can be used by members of the team are different for each team.
  • the authority list and authority data are the same as those shown in Fig. 40.
  • each team has an application list that includes the contents of the member list instead of the member list. , 102 a6 and 103 a ⁇ are provided.
  • these application lists include, in addition to the systems available to members belonging to each team, 106 lists are listed.
  • a personnel management system, an accounting system, a schedule, and a file sharing system are registered in the application list 101 a ⁇ of the team 101 ⁇ .
  • the member list is the same as that described in the member list in FIG.
  • the team generation is subject to the interference of the parent team, but the application list is digitally signed by the team master of each team. Therefore, management within the team can be performed without interference from the parent team.
  • the members who can share applications that can be used in the team can be determined independently by the parent team administrator by the team master.
  • the digital signature of application list 102 a S is the digital signature of member ⁇ ⁇
  • management authority sharing within a team for sharing information is performed. Men who belong to the team, sub, master
  • the submaster is an administrator in the team designated by the team master, and is not allowed to change the teammaster / submaster.
  • the submaster can add, delete, and change general members.
  • the team master He is the one who can change the data or the members, and even his own team master.
  • general members other than the submaster and the team master are those who share the information and functions provided to the members, and have no authority to make changes to the contents of the team data list.
  • the submaster and the team master are given special authority, they are still members within the team, and in that sense, the submaster or team master is sometimes called a member.
  • FIG. 50 shows the hierarchy of teams in the present embodiment.
  • a team master list is further added to each team of the 4-1 embodiment shown in FIG. In this way, information sharing is managed for each team, and multiple administrators can manage the information sharing members in each team.
  • FIG. 50 a list of team masters and submasters registered in each team and a digital signature of the team master are described in a team master list 101 t ⁇ to 104 t ⁇ .
  • the team master list includes the identification information of the team master or submaster, the public key, the public key ID, the team ID, and the time stamp indicating the time when the team master list was created.
  • the team master list 34 ⁇ includes information on the team, such as the number of team members, the time when the team was created, and various functions that can be used by each member in the team (for example, the above-mentioned information).
  • Application list which can be used to manage information resources for each team at the same time.
  • the digital signature of the team master list is digitally signed by the team master of each team at the time of team creation, and thereafter, it is digitally signed by the team master.
  • the submaster has been given the authority to manage the member list. Therefore, in addition to the team master, the submaster may be digitally signed.
  • the digital signature of the member ⁇ registered as a submaster of the team 101 ⁇ is made.
  • the member list 102 ma Will sign.
  • sub-team management authority and member management authority are divided into authority list / authority data and team master list, so different persons are assigned to sub-authority and sub-master in each team. You can guess.
  • members W and V are sub-authorities
  • members ⁇ and ⁇ are sub-masters.Therefore, different persons may be in charge of sub-team management and member management to balance the load. it can.
  • the sub-authority and the sub-master can be the same member, and in that case, it is possible to combine the authority list and the member list into one list.
  • each time the team data list is used the user needs to confirm on the client CL ⁇ whether the team master is definitely his or her own team master.
  • the user needs to confirm on the client CL ⁇ whether the team master is definitely his or her own team master.
  • This list is normally managed by the following members as an administrator. Name: Member ⁇ . Organization: Mitsubishi Materials Click the ⁇ ⁇ button to continue working. Click here for a message. "In this way, it is necessary for the user to visually confirm the message, and there is no possibility that the user will have a troublesome impression.
  • the following functions are added as new functions linked with the list validity check function 37 ⁇ , or as a function of the list validity check function 37 ⁇
  • the public key of the team master in the root team 101 ⁇ is previously set for each team, for example, the public key database 41 ⁇ on the client CL ⁇ side (see Fig. 37).
  • the public key management function 40 ⁇ obtains the public key of the team master of team 1 ⁇ 1 ⁇ ⁇ from the public key database 410 and lists it. to ⁇
  • a serial number for identifying the public key is registered as information relating to the public key, and the public key management function 4 06 discloses this serial number.
  • the public key registered outside the team data list management device 300 (for example, on the Internet) is separately obtained based on this, and the list validity is confirmed.
  • the function may be passed to the function 37 ⁇ .
  • the list validity checking function 37 ⁇ is not transmitted from the public key management function 40 ⁇ instead of outputting the above-mentioned message on the computer display.
  • the team master's public key of the notified team 100 1 ⁇ the team data contained in the authority data 100 1 d ⁇ transferred from the team data storage device 3 1 ⁇ So as to verify the digital signature, the digital signature shall determine whether those teams master is registered. In this way, the user is visually confirmed based on the display on the display 110, it is possible to verify the validity of the team master of the root team 101 ⁇ .
  • the team data list management program for managing the team data list for hierarchizing the teams, the team data list management program: (1) A process for requesting an operation of the data list; and (2) an identifier indicating the parent team of the own team and an administrator of the parent team for each team from the operation target team to the root team in response to the operation request.
  • Data containing the digital signature of the team, manager information on the management authority of the sub-team under the control of the team, and the team master who is the manager of the team or the manager of the parent team A process of obtaining a team data list having the authority list including the digital signature of the request from the request destination;
  • the digital signature of the team data list has not been tampered with, and the digital signature has been obtained by an authorized person using the manager information for each team, while obtaining each team up to the root team. And then confirming the user's approval of the team master of the root team.
  • the operation is performed on the team data list whose validity has been confirmed by the validity confirmation process.
  • the confirmation process includes one or more sub-authorities designated by the team master from members of the own team and having the authority to manage the sub-team, and the sub-authority May be used as the manager information.
  • the above-mentioned team data list management program includes: a process of acquiring identification information for identifying a team master of the root team from a predetermined place and registering the identification information in advance; A process of confirming that the digital signature of the team data is the digital signature of the team master using the identification information registered in advance each time team team data is sent; May be further executed by a computer.
  • the team data list storage program includes: (1) an identifier indicating a parent team of the own team; The process of storing in advance the authority data containing the digital signature of the parent team administrator for each team
  • the administrator information is used to indicate that the digital signature of the team data list sent from the request source is a digital signature by an authorized person. After the confirmation, the computer executes the authority data stored in the transmitted team data list and the authority confirmation processing for updating the stored authority list.
  • the authority confirmation processing may be performed by one or more sub-solars who are designated by the team master from members of their own team and have the authority to manage the sub-team. And information on the team master having the authority to manage the sub authority in addition to the authority of the sub authority may be used as the administrator information.
  • the inventions of the fourth to fourth embodiments have the following effects.
  • a sub team can be created under each team by using the team data list including the authority list and the authority data, and a hierarchical team can be constructed.
  • the user can confirm the validity of the team data list for each team from the operation target team to the root team only by checking the digital signature of the team master of the root team.
  • anyone can become the team master who manages the sub-teams under the direction of the parent team manager.
  • the team data list is divided into the authority data under the management of the parent team and the authority list relating to the management of the own team, and the team master of each team is divided into the parent team. Management within the team, such as management of information sharing members, without interference from the parent. 1 13 Team managers no longer need to be involved in sub-team internal management.
  • the present invention since a digital signature by a person having a legitimate authority is included in the team data list, it is possible to detect an illegal act such as falsification. Also, in the present invention, when an operation request for a team data list is made, the authority of the requester is checked to determine whether or not the person has the authority. It is possible to prevent unauthorized acts by members who do not have authority such as cracking power. In addition, in the present invention, sub-team management authority is given to the selected team master and one or more sub-solarities, and the team master itself can appoint a sub-solarity. The management burden is distributed because the team can be managed.
  • identification information for identifying and authenticating the team master of the root team such as a public key is registered in advance, and the team master of the root team is confirmed based on the identification information. This eliminates the need for the user to visually confirm each time he or she operates the team data list, and automatically approves the team master of the knowledge team.
  • the invention of the embodiments 5 to 6 d is in the field of broadcast communication using a computer network, and is capable of preventing improper operation by an administrator of an information relay device used for broadcast communication. About.
  • Broadcast communication refers to communication intended to transmit the same information to many terminals on a communication network at once.For example, in the case of an e-mail system, broadcast is performed by using a mailing list. Broadcasting is realized. Another example of broadcast communication is a real-time chat. In a general example of a broadcast system currently implemented, a transmitting terminal manages a set of recipients (receivers) (distribution destination list) for messages to be broadcast. Transfer to the information relay device.
  • Broadcasting is realized by copying the message distributed by the information relay device for the number of recipients and transferring it to each recipient of the broadcast.
  • a message is sent to a mailing list management host (Server A) that manages a mailing list (ListOl) indicating a set of recipients.
  • Server A a mailing list management host
  • ListOl mailing list
  • Ringurisu preparative manage each recipient phosphite I are listed in the mailing list (U ser a, U ser B s U ser C) message against
  • an encryption key is generated based on a data key used for encryption, destination information for specifying a recipient, and a master key common to the system, and the destination information and the encryption key are transmitted between the communication parties. It discloses an encrypted communication system that can share a data key with any one or more communication partners by transmitting and receiving data.
  • An encrypted information relay device in this broadcast communication system transmits and receives information from an originating subscriber in a system for transmitting and receiving information between a plurality of subscribers connected by a communication line.
  • a cryptographic calculation unit that decrypts the encrypted information (2) or encrypts the information sent to the receiving subscriber (3); a common secret key for decrypting the encrypted information;
  • a key storage unit storing an individual public key for each subscriber for performing encryption corresponding to (User A, User B, User C). 1 16
  • the administrator of this information relay device or the person who has been delegated authority by this administrator, will not be able to transmit the contents of encrypted communication, even if it is not included among broadcast subscribers. You can see him.
  • confidential information in broadcasts between companies includes merger information of companies, which is information that should not be leaked to the administrator of the information relay device affected by the merger.
  • the information relay device always performs the decryption processing and the encryption processing of the encrypted information.
  • encryption and decryption are complex and require large processing power. Therefore, if a large amount of encrypted information arrives at the information relay device at the same time, there is a danger that the broadcast will be delayed or the information relay device will exceed its processing capacity, resulting in inoperability.
  • the following problems were solved. The system needs to be realized.
  • the communication contents of the broadcast encryption communication realize a mechanism that cannot be seen by the clerk, and the contents of the broadcast communication can be viewed only by members who really need to share the information.
  • the distribution members are managed among the members performing the broadcast communication, and the administrative burden concentrated on the single member administrator is reduced as much as possible. I do.
  • the invention of the fifth to fifth embodiments is described as follows.
  • the invention of the fifth to fifth embodiments is described as follows.
  • FIG. 52 shows an outline of the broadcast communication system of the present invention. The embodiments of each device constituting the broadcast communication system of the present invention will be described later in detail.
  • the setting of the member to be delivered (recipient) stored in the information relay device (server) is mainly delegated authority by the server administrator or the server administrator. Was controlled by those who were.
  • a list of members to be distributed (hereinafter, referred to as a member list) is not a server administrator, but an administrator who manages members within a broadcast member (hereinafter, referred to as a team master). ) Management, this member 118 Provide a mechanism to prevent the list from being tampered with by others. Then, the member list is safely and securely shared among the members included in the member list, and the information content of the broadcast transmitted by the member is encrypted, so that the information can be leaked without leaking the information. It enables safe and secure reception of confidential information.
  • a mechanism is needed to identify and authenticate the communicating member.
  • a mechanism is used in which a private key in a public key cryptosystem (for example, an RSA (Rivest-Shamir-Adleman) method or an elliptical sign method) is owned only by the person. I do. Therefore, the member list of the present invention includes at least the public key corresponding to the private key.
  • a digital signature by the team master shall be attached to ensure that the member list is securely managed and a mechanism that is not falsified by others.
  • the member list is generally managed by the team master.For example, if the number of broadcast members is large and cannot be managed by a single administrator, the member list is managed. It may be divided into multiple lists and managed by multiple administrators (one team master and one submaster authorized by the team master) included in one team master list. As shown in Fig. 53, a general list of members is composed of the team name, the name or identifier of member X, which is the team master, and the members Y,. The member's name or identifier and the Team Master X digital signature for this member list.
  • the member list consists of multiple lists as described above, in particular, the member list is registered as the team master and the team 1 0 1 ⁇
  • An example is shown in which 119 broadcast members are divided into registered member lists.
  • the validity of the digital signature of the member list can be confirmed not only by the X of the team master but also by the digital signatures of ⁇ and ⁇ of the submaster.
  • the member list is verified for tampering, and the digital signer (in this example, member X) is specified.
  • the member list may be such that a plurality of public keys are registered for one member. For example, if a public / private key pair used for encryption / decryption processing and a public key / private key pair used for digital signature creation / verification processing use different key pairs, respectively. Therefore, two public keys are registered for each member. Also, a public key is registered in the member list. Digital certificates issued by 120 stations (for example, digital certificates conforming to the X.509 format, hereinafter referred to as certificates) can be used. Alternatively, a method of registering information for uniquely identifying the public key body in the member list may be used.
  • each member already has a public key body, information identifying the public key (for example, the public key included in a certificate issued by a trusted certificate authority is used.
  • the member list includes the serial No given to the certificate, the name of the certificate authority, and a message digest obtained by compressing the certificate with a hash function), each member will be a member After receiving the list, you can select or obtain the actual public key itself to be used for encryption. For example, if the member list includes the certificate authority name and serial No, the certificate authority name and serial number are first obtained from a plurality of certificates stored in a storage medium connected to the terminal.
  • FIG. 55 includes and illustrates the 5-1a to 5-1a embodiments of the member list management device of the present invention.
  • a list creation unit 1a a for creating a member list including a public key of one or more members performing broadcast communication, and a member list
  • the public key management unit 1 b £ acquires and stores the public key to be included.
  • the team master 1 enters predetermined items (member information, etc.) for creating a member list using the member list management device 1f.
  • the list creation unit 1a ⁇ selects the public key of the member to be registered as a member (step S1 ⁇ ). For example, when creating the member list shown in Fig.
  • the public keys of members X, ⁇ , ⁇ , ⁇ are selected.
  • a message digest of the member list is created using a hash function (for example, MD5 SHA-1) (step S 2 £ ).
  • encrypts the message one Jidaijiesu you created with the private key Ji one beam master e.g., by using the RSA or DSA
  • attach a digital signature created in the main Nbari be sampled (Step S 3 epsilon; 2 In the example, the digital signature of X is attached).
  • member one list management apparatus 1 "This embodiment of the 5 _ 1 a, further list acquisition storage unit 1 ct The configuration with is provided.
  • 122 list acquisition storage unit 1 c f is not only operative to perform acquisition storage member list for the connected storage medium member list management unit 1 f
  • member list management device 1 f is connected It uses terminals (eg, servers) and databases (not shown) located in the network to access these terminals and databases, and operates to acquire or save member lists.
  • This configuration is used because if one team master manages the member list and one terminal of the team master fails, the member list may be deleted accidentally. However, it is more secure to store the member list in a secure terminal (for example, a server) or database on the network instead of the terminal of the team master.
  • a secure terminal for example, a server
  • multiple members create a member list.
  • the broadcast communication system of the present invention prevents information from leaking outside the broadcast member by performing encryption using the public key included in the member list.
  • the member list management device 1f needs to verify whether the member list is managed with validity. Verification of legitimacy here means that 1) the member list is maintained without modification by unauthorized persons, and 2) the person who created the member list broadcasts. Qi It is the official team master of the system, to check the status.
  • the digital signature attached to the member list (in the example of FIG. 53, the digital signature of member X) is decrypted to obtain a message digest of the member list, and further,
  • the member list (in the example shown in Fig. 53, the list that has team 101 ⁇ , member X, member ⁇ ... member ⁇ ) is the same hash as the one used when creating the member list.
  • the message digest obtained by compression with the function is obtained, and verification can be performed by comparing the two.
  • the member list user can input the name of the digital signer to the member list (for example, the name described in a certificate that conforms to the X.509 certificate format).
  • the list acquisition and storage unit 1 cf is a function that creates and saves a correspondence table that associates information that identifies the member list with the team master that manages the member list, and is attached to the member list.
  • the member table is further equipped with a function to refer to this correspondence table and determine whether the digital signature is the digital signature of the valid team master. Can verify the validity of the
  • the member list user when creating the correspondence table, for example, in the case of the first member list to be acquired, display it on the screen so that the member list user can confirm the team master and have it confirmed Verify by If an affirmative instruction (when the team master is recognized as the digital signer of the member list) is issued, information identifying the member list (in the example of Fig. 53, “Team 10” in the team name) is output. 1 ⁇ ”) and a team master that manages the member list (in the example of Figure 53,“ member 1 ”is the team master). By adding an additional function to add 124 to the table, the validity is automatically checked from the second time on.
  • the function for verifying the validity of the member list described here is also provided in each of the later-described signal information creation device, encryption information decryption device, and information relay device. Works when using a member list.
  • the member list management device 1 ⁇ of the fifth-first a or the fifth-second a embodiment has a list.
  • the transmission unit 1 d f is further provided.
  • the list transmitting unit 1df operates to transmit a member list to terminals used by members included in the member list.
  • the latest member list can be quickly and accurately shared among the members of the member list.
  • the team master needs to change the distribution destination list referred to when the information relay device described later redistributes the information.
  • the mechanism for changing the distribution destination list differs depending on the type and mechanism of the information relay device. For example, the structure and protocol of the device differ between a voice communication system and an e-mail communication system.
  • the members included in the member list and the members included in the distribution destination list are set so that the operation method does not differ depending on the system to be used.
  • a function of changing the distribution destination list may be further added to the member list management device 1f so that the members become the same.
  • the simplest embodiment is the list transmission of this embodiment.
  • the member list is transferred from the 125d 1d E to the information relay device, and the information relay device uses this member list as a distribution list.
  • a member-list management device 1f of any one of the fifth-first to fifth-third embodiments is subscribed.
  • the request reception unit 1 e £ is further provided.
  • the subscription request receiving unit 1ef sets the items to be requested to join the specific broadcast distribution list in order for the broadcast team master to accept the request to subscribe to the broadcast member list.
  • the request function that sets the required items to be fulfilled, the function that presents the items to be satisfied by the requester when accepting the request, and the request transmitted by the requester satisfy the required items. It has a subscription permission determining function of determining whether to permit the subscription.
  • the subscription request receiving unit 1 e ⁇ of the present embodiment makes an inquiry to a database server or the like arranged on the network to check whether the subscription request is an accurate request. Perform verification. For example, if the credit card ⁇ is described in the enrollment item, the validity of the credit card ⁇ will be verified by accessing the terminal operated by the credit card company, or If the certificate is included, it can be verified by accessing the certificate database operated by the certificate authority.
  • the above-mentioned function of the subscription request receiving unit 1 e £ enables automatic recipient subscription to the broadcast communication.
  • the process of subscribing to a mailing list is automated, and when a user registers on a WWW page, it is automatically added to the mailing list.
  • the current mailing list automates the process that is started with the authority of the information relay device administrator, and in the current automation process, the information relay device administrator has free access to the distribution members. It only provides a mechanism that can be set to.
  • the subscription request receiving unit 1 e ⁇ is for preventing a fraud by an administrator of a malicious information relay device or the like, and for providing a more secure automatic subscription mechanism.
  • the public key and private key included in the member list are undoubtedly the power of their own, whether they have expired if the expiration date has been set, etc. It is better to use after verifying that there is no leakage. Therefore, in each embodiment of the member list management device 1f, a database (for example, a state that indicates the validity and reliability of a public key provided by a certificate authority / service company) is registered in the network.
  • SMTP Simple Mail Transfer Protocol
  • LDAP Lightweight Directory Access Protocol
  • CSP Online Certificate Status Protocol
  • CCL certificate revocation list
  • the function described here to verify the validity of the public key and the private key used for digital signature must be provided in each of the cryptographic information creation device, information relay device, and cryptographic information decryption device described later. This is effective for digital signature confirmation / member list management.
  • FIG. 57 includes and illustrates Embodiments 5-1b to 5-3b of the cryptographic information creation device of the present invention.
  • the 5-1b embodiment of the encryption information creation apparatus includes a list acquisition and storage unit 2af that acquires and saves a member list via a network, and an encryption unit that creates code information. 2 b ⁇ .
  • the list acquisition and storage unit 2a £ stores member lists stored in a resource database located on the network in the same or different protocol as broadcast (for example, by broadcast). When using SMTP, fetch using HTTP). Alternatively, the transferred member list is stored in a storage device (not shown), and obtained by reading the member list from the storage destination when necessary.
  • the list acquisition and storage unit 2a £ operates to check whether the member list is the latest version.
  • a database located on the network that stores information about the latest version of the member list may have the same or a different protocol (for example, when using SMTP for broadcast). Query the latest member list version using LDAP, OCSP, etc.).
  • the list acquisition and storage unit 2a ⁇ has a function of verifying the validity of the list described in the embodiment of the member list management device 1 ⁇ described above. Verify the validity of the list.
  • the storage unit (not shown) is configured by a nonvolatile storage device such as an EEPROM, a hard disk, and a magneto-optical disk.
  • the encryption unit 2b £ first obtains the broadcast message (plaintext) and the member list obtained by the list acquisition and storage unit 2a £, as shown in Fig. 58, and converts the broadcast message. Create a ciphertext by encrypting with a common key cryptosystem (for example, an encryption system that uses the same key for encryption and decryption such as DES).
  • a common key cryptosystem for example, an encryption system
  • an encryption key is created by encrypting the common key used to create the ciphertext using a public key encryption method (for example, the RSA method) using each member public key included in the member list. At this time, if there are three members, three encryption keys will be created.
  • a public key encryption method for example, the RSA method
  • key selection information for selecting an encryption key corresponding to the member to be distributed among a plurality of encryption keys is created.
  • this key selection information for example, a table that associates a member name with an encryption key may be used.
  • the broadcast message is compressed by a hash function, and a digital signature encrypted with the sender's private key is added. With this digital signature, falsification can be prevented and the sender can be confirmed.
  • the encryption information creation device 2 £ is used at the transmitting terminal.
  • the 5-2b embodiment of the cryptographic information creating device 2 £ has a configuration in which the 5-1b embodiment further includes a destination inspection unit 2 c £.
  • the 5-1b embodiment further includes a destination inspection unit 2 c £.
  • Destination check unit 2c ⁇ ⁇ checks the destination of the broadcast message, and if the information relay device is the destination and the list of members used for broadcast can be obtained, It operates to pass the broadcast message to the encryption unit 2 b b.
  • the encryption information creation device 2f can perform only the encryption process, and therefore, the creation of the broadcast message itself can be performed by a general-purpose message creation device (word processor, Mailers, chat clients, etc.).
  • a general-purpose message creation device word processor, Mailers, chat clients, etc.
  • the encryption information creation device 2 £ is implemented as a mailer's plug-in software
  • the functions of the existing mailer can be used up to the creation of the text and attachments of the mail.
  • the plug-in software as the cryptographic information creation device 2 E checks the destination before sending the mail, and if the destination is the address of the mailing list server, the member corresponding to this address A list is obtained, and the above-mentioned encryption is performed using the public key included in the member list to create encryption information.
  • This encrypted information is sent to the mailing list 'server using the communication function used by the existing mail (for example, the communication function using SMTP as a protocol).
  • the cryptographic information creating apparatus 2 of the present embodiment may further include a dedicated broadcast information creating unit (not shown) for creating a broadcast message.
  • the fifth-third embodiment of the cryptographic information creation device 2 £ is different from the fifth-first b or the fifth-second b embodiment in that the multi-part transmission unit 2 d ⁇ ⁇ ⁇ is further provided.
  • the encrypting unit 2 b f when the broadcast message is composed of a plurality of parts, performs the above-described encryption processing for each individual packet and performs encryption. 130 Create information. Then, as shown in FIG. 59, when the broadcast message is composed of a plurality of parts as shown in FIG. 59, the multi-part transmitting unit 2d ⁇ transmits some of the parts according to the receiving capability of the information relay apparatus. It operates so that it can be sent to the information storage device 5f that can be referenced from the relay device. At this time, the most suitable protocol for transmitting each part can be used. For example, use a real-time communication protocol for voice chat, and use a file transfer protocol for file transfer.
  • the multi-part transmission unit 2 df can refer to the information relay device 4 ⁇ ⁇ ⁇ ⁇ ⁇ by referring to the resource database or the information relay device 4 ⁇ arranged on the network, and can refer to a part of the broadcast message from the information relay device 4 £. Know the information storage device 5 that can be transferred. In addition, as another method, it may be used, including the ⁇ dress of the information storage device 5 f to members some truth be sampled.
  • the recipient may need to verify that all the original information is complete.
  • the original plaintext parts, all ciphertext parts, or a set of message digests of each plaintext part, or the message digest of each ciphertext part By attaching a message digest created by using a hash function to one or a set of combined information using a hash function, or by attaching a digital signature to this message digest, Even if the information is transferred to a completely different device, the integrity of the entire broadcast message can be verified.
  • the same information encryption process and the same member list are used for communication over a plurality of protocols for each part, and the members set by the team master are surely used.
  • Broadcasting can be performed between each part
  • the level of security and certainty of 131 broadcasts can be equalized.
  • the present embodiment is effective in a case where messages of different formats are simultaneously broadcast in a broadcast communication system.
  • a voice chat broadcast system members across multiple companies may have business negotiations and simultaneously transfer contract files, or use a mailing list broadcast system.
  • a mail message is sent to members, and a large file (for example, a 5 Mbyte image file) that exceeds the capacity of the mail system is transferred.
  • a large file for example, a 5 Mbyte image file
  • voice chat when the contract file is transferred, if the voice chat is interrupted and the broadcast is interrupted, important confidential information is handled. There is a risk that oversight may occur.
  • the allowable amount depends on the setting of each receiving mail system (for example, 3 Mbytes in the system of member A, 1 Mbyte in the mail system of one member).
  • the receiving capacity differs depending on the amount of free space in the mail receiving buffer reserved for a specific member, and it is difficult for the sender to assume that the message can be sent reliably.
  • the present embodiment functions effectively in these environments.
  • the security of the public key included in the member list used at the time of encryption is improved by verifying its validity before being used for encryption. For example, when the team master creates a member list, even if all public keys are valid, even if they try to use the same key after a certain period of time, they will not use it.
  • Each embodiment of the signal information creation device 2f has a key validity verification function similar to the function of verifying the validity of the public key and the private key used for the digital signature of the member list management device 1f. This further improves safety.
  • FIG. 60 embraces and illustrates the fifth to fifth to fifth to fifth embodiments of the encrypted information decrypting apparatus of the present invention.
  • the decryption unit 3 b £ first refers to the key selection information included in the encryption information and selects the encryption key to be used for decryption from among a plurality of encryption keys corresponding to one member as shown in Fig. 58. Select Then, the encryption key is decrypted by using the recipient's private key by using the public key cryptosystem to obtain a common key. Then, using the common key cryptography, the cipher text included in the cipher information is decrypted using the common key to obtain a plain text broadcast message.
  • a message digest MD f obtained by decrypting the digital signature with the sender's public key and a message digest MD ' ⁇ ⁇ obtained by compressing a broadcast message (plain text) obtained by decrypting the cipher text using a hash function are obtained. Compare / verify and check for falsification and sender.
  • FIG. 133 As an embodiment of the fifth-second c of the encryption information decryption device 3f , FIG. 133
  • a reception notification transmitting unit 3 for transmitting a reception notification to the information relay device for further confirming that the recipient himself / herself has received the encrypted information decryption device of the 5-1c embodiment of the present invention 3 Take a configuration with cf.
  • the reception notification transmitting unit 3c £ transmits, for example, a reception notification in which a digital signature is attached to a message digest of the received communication content, a time stamp of the reception time, a recipient ID, and the like.
  • the encrypted information decryption device 3t of the present embodiment is provided with the above-mentioned reception notification transmission unit 3c ⁇ .
  • the recipient himself / herself can send a reception notification with a digital signature attached to the information relay device. It is possible to confirm that the distribution was successfully made to one of the members registered in one list.
  • the multi-part receiving unit 3 d ⁇ determines whether a part of the part has been transferred to the information storage device 5 £ based on the content of the broadcast message as shown in FIG. 59, and if the packet has been transferred, If it is, contact the information storage device 5f and 134 Acquire parts using the most suitable protocol for transmission (for example, HTTP protocol ⁇ FTP protocol). Further, when the encryption information is composed of a plurality of parts, the decryption unit 3b ⁇ of the present embodiment operates so as to perform the decryption processing for each part.
  • the broadcast message is composed of a plurality of parts, and the information storage device 4 ⁇ ⁇ ⁇ in which some of the parts can be referred to from the information relay device 4 ⁇ by the above-described signal information creating device 2 ⁇ . This corresponds to the case of being transmitted to
  • the fifth to fourth c-th embodiment of the encryption information decrypting apparatus of the present invention is the encryption information decrypting apparatus according to any of the fifth to fifth-third embodiments. It is configured to further include a broadcast security verification unit 3 e in the decryption device 3 ⁇ .
  • the broadcast security verifier 3 e ⁇ operates as one of its functions to verify whether the sender is a member registered in the member list. At the time of verification, to confirm the sender to get the member list from the list acquisition storage unit 3 f f described below. In addition, by accessing a resource database that registers information about the member list placed on the network (for example, using a protocol such as LDAP), it is possible to check whether the sender is included in the member list. , You may ask. Further, a function similar to that of the broadcast security verifying unit provided in the information relay device described later may be further provided.
  • a fifth to fifth c-th embodiment of the cryptographic information decryption apparatus of the present invention is a cryptographic information decrypting apparatus according to any one of the fifth-to-first to fifth-fourth c-embodiments. 135
  • the configuration is such that the decryption unit 3 f is further equipped with a list acquisition and storage unit 3 ft.
  • the list acquisition and storage unit 3ff stores the member list stored in the resource database located on the network in the same or different protocol (for example, When using SMTP for broadcast communication, use HTTP, etc.).
  • the transferred member list is stored in a storage device (not shown), and obtained by reading the member list from the storage destination when necessary.
  • the list acquisition storage section 3 f f, member list is operable to check whether the latest version.
  • a database located on the network that stores information on the latest version of a member list may have the same or a different protocol than broadcast (for example, using SMTP for broadcast). In this case, use LDAP, OCSP, etc.) to check the latest member list version.
  • the list acquisition and storage unit 3f £ has a function of verifying the validity of the member list described in the embodiment of the member list management device 1E described above. Verify the validity of the list.
  • the function for verifying the validity of the public key and the secret key used for the digital signature described in the above-described embodiment of the cryptographic information creation device is provided by the decryption unit 3 b E and the list acquisition and storage unit 3 f. It is good also as a form used in preparation for ⁇ . Providing these functions further enhances safety.
  • FIG. 61 shows the implementation of the 5th to 6th d of the information relay device of the present invention. Includes and represents 136 forms.
  • the distribution destination list management unit 4a ⁇ that stores and manages the distribution destination list managed by the team master and the transferred cryptographic information are stored in the distribution destination list included in the distribution destination list. It consists of an information duplicating unit 4 b f that is duplicated for transfer to the member, and a transmitting unit 4 c £ that transmits the duplicated cryptographic information to each of the distributed members.
  • the distribution list management unit 4 a ⁇ has a function of storing and managing a distribution list, a function of acquiring and storing a member list, and an embodiment of a member list management device when acquiring a member list.
  • the distribution list management unit 4a a sets the distribution list with reference to the member list
  • the distribution list management unit 4a further has a function of checking whether the member list is the latest version.
  • a database located on the network that stores information about the latest version of a member list may have the same or a different protocol as broadcast (for example, when using SMT II for broadcast). LDAP, OCSP, etc.) may be used to query the latest member list version.
  • Embodiment of the 5-2 d of information relay apparatus of the present invention the first 5-1 d embodiment of the information relay apparatus 4 f, the configuration further comprising a list validity confirmation portion 4 d f Take. 137 list validity confirmation portion 4 d f, when acquiring the main Nba one list verifies the main emission Barisu preparative validity.
  • the function of verifying the validity of the member list is as described in the embodiment of the member list management device 1 described above.
  • the information relay device 4 ⁇ according to the fifth to first or fifth to second embodiments further includes an additional information attachment part 4cs. Take the configuration.
  • the additional information attachment 4c £ attaches various information (service information, management information, etc.) by the team master 1 or the administrator of the information relay device 4E to the encryption information. With the function of attaching the additional information, a wide range of services can be provided to the members to be distributed.
  • the fifth to fourth d embodiments of the information relay device of the present invention are provided in the information relay device 4 ⁇ according to any one of the 5-1 d to fifth to third d embodiments, for verifying the broadcast security.
  • the configuration further includes a part 4 ff.
  • the broadcast security verification unit 4 f ⁇ has a function to verify the identity of the member list as the first function. For example, if the terminal on the sending side is broken or the communication line is disconnected, the latest member list may not be available to the sender.
  • the broadcast security verification unit 4 f ⁇ includes a list of members used to encrypt the transmitted encrypted information and a list of destinations used by the server during transmission to further enhance the security of the broadcast. Verify the identity with the member list used to create the list. 138
  • the member list was used. Can be verified to be the same.
  • identity verification can be performed by verifying whether the digital signers attached to the member list are the same.
  • identity verification can be performed by comparing the message digest with the member list using a hash function.
  • the broadcast security verification unit 4ff has a second function of verifying the broadcast sender. In the conventional broadcast communication, since the administrator of the information relay device 4f was able to see the contents of the information, it was possible to inspect the contents, for example, whether or not slander or slander information was flowing.
  • the broadcast communication security verification unit 4ff sends the information terminal that refuses to receive the information (for example, it can be identified by an IP address) or the user's identification information (for example, in the case of a mail system, It obtains the rejection information including the e-mail address and the certificate issued by a trusted certificate authority), and sends the information or the sending terminal of the information transferred to the information relay device 4 £. Has a function to verify whether or not it is included in the reception refusal information.
  • the rejection information includes, for example, the e-mail address of an individual who has sent spam in the past, or the IP address / net address of a terminal whose security level is low and personal identification may not be performed in a legitimate manner. Contains a list of network addresses. 139
  • the broadcast security verification unit 4 f ⁇ has a third function of verifying the contents of the broadcast. This verifies the sender and communication contents in order to increase the security of the broadcast. It verifies that the sender of the cryptographic information is included in the member list, and verifies that the transmitted information contains a malicious program or data string.
  • the broadcast security verifying unit 4f £ makes sure that, of the cryptographic information composed of a plurality of parts, the parts stored in the information storage device and referred to by the cryptographic information decryption device are surely stored. It has a function to verify that it has been transferred to the device. Refers to the transmitted cryptographic information, determines whether some of the cryptographic information composed of multiple packets has been transferred to another information storage device, and transfers some to another information storage device. If so, verify that the transfer was successful.
  • the function of verifying the validity of the public key and the private key used for digital signature described in the above-described embodiment of the cryptographic information generation device is provided in the broadcast security verification unit 4 f ⁇ and used. There is also a form to be performed.
  • the fifth through fifth embodiments of the information relay apparatus according to the present invention are the same as those of the fifth through fifth embodiments, except that the broadcast relay contents storage unit
  • the configuration is further provided with 4 gf.
  • Broadcast content storage unit 4 g f the information has been transferred or a part of the information, or, to save and attach attachments on the information. For example, if the mail server in the mail system fails or if the recipient's terminal is out of order, the information sent will not be correctly received. 140 possible. In some cases, the audio is interrupted due to the communication line in the audio chat. Even if the data sent by the sender and the data received by the receiver do not match in this way, the data can be safely stored by the storage function using the broadcast content storage unit 4 g £, You can check it again and get it again when it becomes unavailable.
  • the fifth to sixth d embodiments of the information relay device of the present invention are the same as those of the 5-1d or the fifth to fifth d embodiments. 4 h ⁇ ⁇ ⁇ is further provided.
  • the broadcast automatic opening section 4h ⁇ automatically starts the broadcast without obtaining the manual permission of the server administrator.
  • the administrator of the information relay device it was necessary for the administrator of the information relay device to perform the work associated with the establishment in advance. For example, it was necessary to set distribution lists, distribute IC cards, and register public keys in information relay devices.
  • cryptographic broadcast is not an endless communication, but is a communication that uses a minimum amount of time when necessary, such as one hour of voice chat and three contract file transfers. It is thought that there are many cases. In that case, the work burden on the start or delete the broadcast of information relay apparatus 4 f becomes very large. In addition, there is a danger of mistakes and the presence of a malicious administrator. Therefore, a system that requires as little manual setting as possible by humans is desirable for safety. Therefore, the information relay apparatus 4 f of the present embodiment, without the need for manual configuration of the server administrator, satisfies certain conditions of use (e.g., charges proportional to the usage time of payment, etc.), Provides a function to start broadcasting automatically.
  • certain conditions of use e.g., charges proportional to the usage time of payment, etc.
  • the broadcast automatic opening unit 4 h f is, opening the requester is opened accepted the request, which has been transferred, may be e Bei the establishment request confirmation function to verify whether or not an accurate request. For example, if a credit card is described in the billing item, verify that the credit card number is properly registered and billable. During this verification, the information relay apparatus 4 f data used for verification when had no queries the data base Ichisu or server or the like having a predetermined data is arranged on the network.
  • the information relay apparatus 4 f may be provided with a withdrawal request receiving unit that receives a request for withdrawal members one broadcast (not shown).
  • the withdrawal request receiving unit when the withdrawal request receiving unit receives a withdrawal request that the member of the broadcast withdraws from the broadcast to the information relay device, the withdrawal request is transferred to the member.
  • a withdrawal request reception unit is provided to cancel the request and notify the team master of the reason. You can also use identity verification techniques such as digital signatures and shake hands to determine if the withdrawal request is definitely a withdrawal request member—the transfer cancellation request you created.
  • Embodiment 5-1 of the broadcast communication system of the present invention an example in which a securities company distributes securities news to members using an information relay device operated by a third party will be described.
  • the function of the information relay device of the present invention is realized using a mailing list server and a WWW server in order to realize secure broadcast communication of the mail system.
  • This mailing list server is operated by a third party.
  • the WWW server has items set by the mailing list server administrator to establish a broadcast and must be met by the requester. Is stored.
  • the securities company downloads this website using SSL (Secure Socket Layer) communication and fills out the form corresponding to the item displayed on the browser. input.
  • SSL Secure Socket Layer
  • the broadcast permission automatic opening unit 4h ⁇ implemented as a program running on the server (for example, CGI) has a function to determine the permission to open the 4h ⁇ .
  • ⁇ ⁇ “Using the four data of 1000 j, it is decided whether or not to allow the establishment.
  • the credit card No is used as a credit card service company. And verify that the cardholder and the certificate holder match, and if so, forward the page to the subscriber requesting permission to open. If not, The page notifying that the establishment has been rejected is transferred to the subscription requester again.
  • SSL Secure Socket Layer
  • the requester is managed as the team master by the broadcast opening setting function of the broadcast automatic opening unit 4h ⁇ implemented as a program running on the mailing list server.
  • a distribution list (initially an empty list) for distributing the information sent to this mailing list address is set.
  • the mailing list server forwards a message to the team master indicating that the opening settings have been successfully completed.
  • the member list management device 1 £ in Example 5-1 is implemented, for example, as a JAVA applet, incorporated in a homepage, and stored in a WWW server.
  • the team master manages the member list to be set using the applets downloaded using SSL communication.
  • the member list in the embodiment 5-1 is composed of three lists: a team master list, a reporter list, and a recipient list.
  • a team master list set a submaster who can manage the team in addition to the team master, register reporters who write security news in the reporter list, and digitally sign the team master Then, transfer the information to the information relay device 4 ⁇ again.
  • the information relay device 4f sets the distribution list after verifying the digital signature to make sure that the member list is definitely created by the team master.
  • the delivery rule in the embodiment 5-1 is that the broadcast information transferred from the members of the reporter list is copied and registered in the receiver list (included in the member list).
  • the subscription request receiving unit 1 of the member list management unit 1 is installed so that the receiver can be automatically subscribed to any user who can perform monthly billing. Use d ⁇ .
  • a plurality of submasters are set in the team master list included in the member list set by the team master.
  • the submaster is also an employee of a securities firm, who is responsible for managing the recipient list.
  • the submaster downloads the subscription request item setting function of the subscription request receiving unit 1 df implemented as a WWW page using SSL communication.
  • the WWW server sees the certificate of the submaster that can be obtained by SSL communication, and performs identification and authentication of the submaster. By setting up each item of the form on the WWW page, you can set the required items for subscription.
  • a service contract agreement, a billing item, an e-mail address and a certificate including an e-mail address are to be presented, and further, the enrollment request of the enrollee is encrypted.
  • Requesters to subscribe to the securities news distribution service use the subscription request item presenting function of the subscription request reception unit 1 ef implemented as a JAVA applet embedded in the WWW page, and first enter the contract agreement.
  • Use your private key to digitally sign, and enter your billing items and email address.
  • the confidential information especially billing information: credit card No and bank account number, etc.
  • Subscription requests from a large number of subscription requesters are stored as encoded subscription request information on a WWW server.
  • a program that implements the subscription permission determination function of the subscription request receiving unit le E accesses the WWW server, acquires encrypted subscription request information, and allows each item to permit service subscription. To determine if it has been met. For example, use the key validity verification function to verify that the public key and private key are still valid. As a result of the judgment, a notification e-mail indicating that the subscription was permitted or rejected is forwarded to the subscriber.
  • This program can further automatically operate the member list management device.
  • the member list stored in the WWW server is used by the member list management device 1f, and the member list acquisition and storage unit 1c ⁇
  • the subscriber is registered in the recipient list of the member list.
  • a digital signature is attached to this list of recipients using the secret key of the submaster registered as the submaster and a new member list is transferred to the WWW server again.
  • the WWW server verifies the validity of the member list by using the function for verifying the validity of the member list described above, and verifies the validity of the public key and the private key used for digital signature. Verify whether all public keys included in the member list are valid using the function.
  • the distribution list is updated using the distribution list management unit 4a a. Also, for members included in the reporter list, the latest member list is sent to the list transmission unit 1 d £ (in the embodiment, this is implemented using the SMTP protocol. ) And send it.
  • the terminal on which reporters create securities news is a general-purpose computer.
  • an e-mail software is installed in a notebook computer, etc.). Attempts to transfer articles created using this email software by specifying the address of the mailing list.
  • the cryptographic information creation device 2 ⁇ ⁇ implemented as plug-in software linked with the e-mail software uses the destination inspection unit 2 c ⁇ to determine whether the mailing list address is a member list.
  • the plug-in software first uses the list acquisition and storage unit 2a to verify whether the version of the member list existing on the terminal personal computer is the latest version. It queries the latest version of a resource database built on the network based on the X.500 standard using LDAP. If it is not the latest version, the latest member list is obtained from the location of the latest version registered in the resource database (in this embodiment, it is obtained from the WWW server using SSL communication).
  • the cryptographic information creating apparatus 2 f after confirming the validity of the members one list by using the function to verify the validity of the members one squirrel Bok, the public key of the members of the recipient list that is included in the members one list The encryption is performed by the encryption unit using.
  • the digital signature addition function acquires the reporter's private key from the IC card that records the private key held by the reporter, and attaches a digital signature to the created article.
  • This digital signature allows the recipient to verify which reporter wrote the article and to verify the authenticity of the article. Also, reporters who have delivered articles cannot deny that they created the article.
  • the mailing list sent to the address of the mailing list is the digital signature attachment of the information sent by using the broadcast security verification unit 4fE (in this example 5-1, , Reporter) Power ;, make sure that it is definitely included in the reporter list of the member list.
  • the function to verify the identity of the member list is used to verify whether the versions of the member list are different.
  • the cryptographic information is duplicated using the information duplication unit 4b ⁇ , and the members included in the list of recipients in the member list are implemented using the SMT protocol.
  • the encryption information decryption device of the present invention implemented as plug-in software embedded in the recipient's e-mail software uses the function of verifying the digital signature of the decryption unit 3 b ⁇ to perform tampering. Check the existence and creator of the information, and confirm that the sender is a reporter of a securities company. After confirmation, the article can be decrypted and read.
  • a reception notification is sent to the information relay device 4 £ using the reception notification transmission unit 3 c £.
  • the Java applet in the present embodiment is really malicious, it can be verified by checking the digital signature attached to the JAVA applet.
  • Embodiment 5-2 of the broadcast communication system of the present invention An example will be described in which 148 members are used to broadcast confidential information such as estimates and negotiations between members (this set is referred to as team 011 £ ).
  • a mailing list server is used as an information relay device.
  • the team master of team 0 1 f uses a member list management device 1 ⁇ implemented as an executable file on the OS of a general-purpose desktop computer, and the member list that broadcasts confidential information. Performs management. To get the members list using a list acquisition storage unit 1 c f, open the list creation and change GUI screen.
  • a list of members of Team 0 1 1 £, a public key database on the terminal is accessed using the public key management unit 1 b £, and a list of stored public keys is displayed. It's shown.
  • the team master of team 001 f selects the public key of the member who joins the team from the public key list, and adds it to the list of members of team 001 e.
  • the user can access the directory service provided by the certificate authority on the network and use the public key that did not exist in the terminal. Obtain the public key of the member you want to add to Team 0 0 1 ⁇ and add this public key to the list of members.
  • the ⁇ ⁇ button is displayed on the GUI screen.
  • the function to verify the validity of the public key and the private key used for the digital signature is performed by the directory of the certificate authority that issued the certificate containing each public key included in the member list. Access the service using the LDAP protocol and verify that this public key is valid. Validation reveals invalid public key If so, a dialog is displayed to inform the team master. If everything is valid, create a member list consisting of a timestamp, the address of the mailing list, the team ID, and the distinguished name of the team master, and then use the hash function to compile the entire data of this member list. Compress using MD5 to generate compressed data.
  • the secret key of the team master is accessed, and the password is decrypted using the password input by the team master from the dialog box (in this embodiment, the password decryption implemented using the common key cryptosystem RC2). Use of conversion).
  • the digital signature is created by encrypting the compressed data with the public key encryption method RSA using the secret key of the team master obtained as a result.
  • This member list and digital signature are transferred to the information relay device 4f as mail using the SMTP protocol.
  • the information relay device 4 ⁇ uses the member list acquisition function of the distribution destination list management unit 4af to transmit the SMTP mail composed of the received multi-part (MIME (Multipurpose Internet Mail Extensions)) format.
  • MIME Multipurpose Internet Mail Extensions
  • the contents are analyzed, and the member list part determined from the Content-Type is extracted and input to the list validity confirmation unit 4 d ⁇ .
  • the list validity confirmation unit 4 d ⁇ verifies that the digital signature of the team master of team 01 f is definitely attached as the digital signer of the member list, and the distribution list management unit 4 Use a to change the recipients of the distribution list. Then, for the recipients of the distribution list that has just been changed, the member list and the digital signature are copied for each MIME format and transmitted to each recipient of the distribution list. 150
  • the cryptographic information creation device 2 ⁇ that operates as a mailer installed on a general-purpose desktop computer 2 ⁇ receives the mail including the member list, it — From Type, this mail is identified as a member list in the broadcast.
  • the mailer extracts the member list and the digital signature, uses the function to verify the validity of the list, verifies the validity of the member list, and then obtains the list. Save using the storage unit 2 a ⁇ .
  • Members included in Team 01 use the broadcast information creation function of the encryption information creation device 2f implemented as a general execution program that runs on a general-purpose desktop computer.
  • the destination inspection unit 2c £ checks the destination address, and multiple members whose destination addresses are stored on the terminal Members of the list that are private to the destination address — check for a list. If there is a member list, the attached file and mail are encrypted using the member list's public key.
  • the encryption unit 2b ⁇ separately encrypts each attached file and the mail text, and individually attaches a digital signature.
  • the attached file is transferred to the information storage device (information storage server) 5 ⁇ without attaching it as it is.
  • the multi-part transmission unit 2 d ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ queries the database on the network for the information storage device 5 ⁇ corresponding to the mailing list address, and Identify the address of the information storage device 4 ⁇ ⁇ ⁇ to be sent and the transmission method (eg, protocol). 151 If the information storage device 5 £ is found to be a mechanism that permits file transfer using the HTTP protocol, it transmits using the HTTP protocol.
  • the information storage device 5 £ can use SSL communication to authenticate the user, the information storage device 5 £ can be used for the member list using the broadcast service provided by the mailing list server. You can check if it is included. In the body of the mail, the address of the information storage server is attached and the address is transferred separately from the transmission of the two attachments. First, the mailing list sent to the address of the mailing list contains the digital signature of the information sent using the broadcast security verification unit 4ff. Check that it is included in the reporter list. In addition, the function to verify the identity of the member list is used to verify whether the versions of the member list are different. If the version of the member list is different as a result of the verification, information indicating that fact and the broadcast information are returned to the reporter.
  • the communication content include any malicious programs or viruses that use equipment / software bugs? Verify Furthermore, using the information storage device reference function of the broadcast security verification unit 4 f £, it is verified whether the two attached files that were definitely encrypted were transferred to the information storage device 4E and stored. I do. As a result of the above verification, if everything is normal, the contents of the broadcast are stored in the database connected to the mailing list server using the broadcast contents storage unit 4 g £. At that time, a digital signature using the time stamp and the private key of the mailing list server is attached and saved. In addition, it was confirmed that the attached file was stored in the information storage device 4 ⁇ ⁇ for the encrypted information.
  • the falsification / information creator is confirmed by using the function of verifying the digital signature of the decryption unit 3b ⁇ , and further, the broadcast security verification unit 3eE Use the sender's reliability check function to confirm that the member is a business partner included in the list.
  • the decryption unit 3b ⁇ is used to decrypt the information and look at the encrypted information, it is clear that the attached file has been sent to the information storage device 5 ⁇ .
  • Multipart receiving unit 3 d f downloads this attachment by using the HTTP protocol, it again decrypt it files, it is possible to obtain the original information.
  • each device in the embodiment 5-2 has been described above.
  • the present invention may use a network such as a LAN or a dial-up, in addition to the Internet.
  • a program for realizing the member list management device of the present invention is recorded on a computer-readable recording medium, and is recorded on this recording medium.
  • a program may be loaded into a computer system and executed to perform member list management.
  • the member list management program combines a function of creating a member list including one or more public keys of one or more members performing broadcast communication, and a function of acquiring and storing the public key. Realize it in one step.
  • a program for realizing the encryption information creation device of the present invention is recorded on a computer-readable recording medium, and the program recorded on the recording medium is read into a computer system and executed. ⁇ information may be created.
  • the encryption information creation program has a function of acquiring and saving a member list via a network, acquires a broadcast message, and includes the broadcast message in the member list.
  • a computer is made to realize the function of encrypting information using a public key to generate encrypted information.
  • a program for realizing the encrypted information decrypting device of the present invention is recorded on a computer-readable recording medium, and the program recorded on the recording medium is read into a computer system and executed.
  • Information decryption may be performed. That is, the encryption information decryption program causes a computer to realize a function of acquiring the encryption information transferred from the information relay device and a function of decrypting the encryption information included in the encryption information.
  • a program for realizing the information relay device of the present invention is recorded on a computer-readable recording medium, and the program recorded on this recording medium is read by a computer system and executed to execute information relay. Processing may be performed. That is, the information relay processing program has a function of managing the distribution destination list, a function of copying the transferred encrypted information, and 154 A combination of a function that distributes the produced encrypted information to each distribution destination: one. Also, in order to realize broadcast in a mobile network environment, a terminal that does not have a member list management device, an encryption information creation device, and an encryption information decryption device of the present invention required for broadcast must be used.
  • the software that realizes the functions of each device is downloaded from the software storage device that is located on the network on this terminal and stores the software that realizes the functions of each device, and Broadcasting may be performed by reading and executing the computer system built in the PC.
  • the 5th-la to 5-4a, the 5th to lb to 5b, the 5th to lc to 5c, the 5th to 1c! According to the invention of the embodiments from 5 to 6 d, the following effects can be obtained.
  • the information that is encrypted in the information relay device is not decrypted, it is possible to prevent the information relay device administrator from improperly leaking or falsifying the communication content of the broadcast communication, and Broadcast content can be shared only with members who need to share the information.
  • a subscription request receiving unit is provided in the member list management unit, and a broadcast automatic opening unit is provided in the information relay device, so that a receiver performing broadcast communication withdraws, It can respond quickly to subscriptions and can prevent information from being erroneously transferred to members who should not broadcast, even if the broadcast members change dynamically.
  • the administrator of the information relay device since the management is performed by the member list, the administrator of the information relay device does not manage the member to be distributed in the broadcast, but manages the member. 155 It is possible to manage the members to be delivered among members who perform broadcast communication, and it is possible to reduce the management burden concentrated on the member managers.
  • the information relay device is provided with a broadcast security verification unit and a broadcast content storage unit
  • the encrypted information decryption device is provided with a reception notification transmission unit and a broadcast security verification unit.
  • the invention of the sixth embodiment is for sharing various kinds of information and various functions provided to users between team members (users or members) corresponding to organizational units such as company departments and sections. It is related to a team data list processing system that creates, manages, and stores a team data list, and thereby safely shares this information and functions among users for each team. More specifically, a team data list storage device that performs processing related to the storage of team data lists, and a team data list that performs various management on the team data list obtained from the team data list storage device This is related to a system equipped with a network management device. With respect to the invention of the sixth embodiment, the following technology has been known.
  • ACL access control list
  • FIG. 76 shows an overview of a conventional system that uses ACLs to share information among multiple users.
  • intranet 1 and internet 2 are connected to server 5 through firewalls 3 and 4, respectively.
  • sharing members 6 outside the intranet are sharing information with each other via the internet 2.
  • intranet 1 is a closed network, such as a network established within a company
  • internet 2 is a public network that spans the globe.
  • the firewalls 3 and 4 are computers that prevent malicious intruders and others from illegally accessing the intranet 1.
  • the server 5 ⁇ is a terminal (computer) storing various resources, a database 7 ⁇ ⁇ storing shared information, a group that can access specific information or functions, and a member list of members belonging thereto.
  • the server 5 has a data storage function for managing shared information stored in the database 7 and a user authentication function for verifying whether or not a communication partner corresponding to a client is an authorized person in advance. Function, access control function that verifies whether access to shared information is possible based on ACL 8 ⁇ , and group management that enables only members belonging to a specific group to access specific shared information based on ACL 8 ⁇ . Has functions. 157 ⁇ In the system shown in Figure 76, when a user inside the shared member 6 intranet 1 receives an access request to the database 7, the server 5 refers to the ACL 8 and authenticates the user each time.
  • FIG. 77 shows an example of a conventional implementation in which only members belonging to a specific group share information.
  • Server SV # in the figure corresponds to server 5 # in FIG.
  • the client is a terminal operated by a person inside the shared member 6 intranet 1 in Fig. 76.
  • a member list 9 ⁇ ⁇ is provided on the server SV ⁇ .
  • Each group—List 9 is a group ID that is an identifier assigned to the group, a public key of each member in the group, and a public identifier that is assigned to these public keys. It consists of a key number (public key No in the figure), and has a digital signature of the team master of the group.
  • the server SV ⁇ performs a predetermined authority check, and then performs a corresponding operation to the specified group ID.
  • the member list 9 is transferred to the client CL as a public key ID list. After confirming that the digital signature of the team master included in the list is valid, the client CL II groups the sent member list into a group.
  • a member list 9a a is created by adding or deleting the member's public key and public key ID in response to the member's joining or leaving the group.
  • the client CL # digitally signs the member list 9a #, sends a request for updating the member list to the server SV #, and returns the member list 9a #.
  • the server SV # receives the member list 9b # from the client CL and updates the group on the server SV #.
  • the administrator of the server 5 ⁇ and the server SV ⁇ is given the authority to set and manage the ACL 8 ⁇ ⁇ ⁇ . I have. Therefore, these server administrators can make unauthorized access to ACL 8 ACL, and there is a drawback that it is not possible to prevent the contents of ACL 8 ⁇ from being tampered with intentionally.
  • ACL8 may be tampered with by anyone other than the server administrator who invades the server SV II (so-called cracker).
  • the invention of the sixth embodiment has been made in view of the above points, and its purpose is to prevent a server administrator storing a team data list from managing the team data list.
  • the team data list in the present invention is a general term for a list that defines information about a team, and refers to a “set of members” applied to applications requiring highly confidential management such as the ACL described above. It is for definition.
  • terminal administrators, network administrators, and server administrators who are not members of the team can change information about the team.
  • the team data list of the present invention the information on the team is divided into a plurality of lists (one or more members and a team master list as described later) and managed, whereby the team master itself is managed.
  • FIG. 67 roughly illustrates the configuration of a system premised on the present invention, and is a system configured by connecting a client and a server SV # via a network NW #.
  • the member list describes members who can access resources such as various types of information and functions provided to users.
  • the server SV ⁇ ⁇ is connected to a database 10 ⁇ ⁇ constructed on a hard disk or the like.
  • This database 10 ⁇ has a group (group ⁇ ⁇ , ⁇ ⁇ in the figure) to which a plurality of members belong.
  • the corresponding member lists 11 1 and 11 1 are stored.
  • the server SV ⁇ ⁇ has only a member list storage function.
  • the client CL changes and returns the member list, and the member list on the database 10 1 11 ⁇ ⁇ and member list 1 1 Replace the contents of ⁇ ⁇ .
  • Client CL II has a member list management function.
  • One of the member list management functions is a function of changing the member list.
  • the client CL II modifies the member list obtained from the server SV ⁇ according to the addition or deletion of members and returns it to the server SV ⁇ . To do it.
  • the server administrator ⁇ cracker, etc. operates the server SV ⁇ , and the member list on the client CL side is obtained.
  • the member list on the server SV ⁇ ⁇ can be falsified without the intervention of the port management function. Moreover, if a server administrator or the like illegally falsifies a member with his / her digital signature, there is a problem that the client CL cannot distinguish it from a legitimate administrator. To avoid this kind of inconvenience, the system shown in Fig. 67 adds digital signatures 12 1 and 12 2 to the member lists 11 ⁇ and 11 1, respectively. To cope with this, the client CL II has a digital signature function as a part of the member list management function, and the private key is transmitted from an IC (integrated circuit) card or the like in which the private key file or private key is recorded.
  • IC integrated circuit
  • Fig. 68 outlines the procedure for changing the member list on the server SV # from the client CL # side.
  • the member list 20 stored on the server SV ⁇ includes the members that make up the information sharing group team ⁇ 1 ..
  • the team master ⁇ ⁇ ⁇ ⁇ on the client CL ⁇ side has a group ID (identifier) for identifying the group or team, and a user public key in the public key system (that is, a predetermined length). Bit 162), and sends the user public key number (user public key No in the figure) to the server S ⁇ ⁇ , and requests the server SV ⁇ ⁇ to send the member list (step S l). .
  • the “user public key number” is information for identifying and authenticating the user such as the team master TM ⁇ , and is a serial number assigned in advance to each user public key. is there. More specifically, the user public key number is information corresponding to each user public key for uniquely identifying the user public key. For example, the user public key number is included in a certificate issued by a certificate authority. This is the serial number of the certificate. Also, as information for identifying and authenticating the user himself / herself, various information such as an ID and a name for actually identifying the key creator himself / herself can be used in addition to the user public key number just described. .
  • the server SV # confirms the authority of the team master ⁇ @ ⁇ , as described in detail below, based on the group ID and the user public key number sent from the client CL (step S2).
  • the server sv identifies and authenticates the team master ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ .
  • this process will be described in accordance with the procedure shown in FIG. First, as described in step S2 ⁇ in FIG.
  • the client CL ⁇ accesses the server SV ⁇
  • the user name and user public key (actually, the user public key number described above) are collected.
  • the server SV ⁇ ⁇ generates a random number and stores it internally, and encrypts the random number with the user public key (corresponding to the user public key number) (step S 102 ⁇ ) and encrypts the random number.
  • Send data to client CL CL as “challenge data” (Step S103).
  • the client CL ⁇ decrypts the challenge data sent from the server SV ⁇ with a secret key corresponding to the user public key (step S104), and uses the obtained decrypted data as a “challenge response” in the server.
  • Step S105 The server SV confirms the communication partner by comparing the challenge response sent from the client CLC with the random number generated in step S102 ⁇ . That is, if they match, it is possible to confirm that the person who knows the secret key corresponding to the user public key sent in step S101 is the communication partner (successful authentication). On the other hand, if the two do not match, it can be understood that the communication partner may not be a person with valid authority (authentication failure) (step S106 6). Thereafter, the server SV # notifies the client CL # of the confirmation result (authentication success or authentication failure) obtained in step S106 # (step S107 #).
  • the server checks whether the user public key number sent from the client CL # is included in the member list 20 # and checks the user (in this case, Check if the team master)) has the authority to change the member list 20 ⁇ .
  • the user public key number sent from the client CL # is described in the member list 20 # corresponding to the team ⁇ 1 ⁇ specified by the group ID.
  • server SV # notifies client CL # of authentication failure.
  • the server SV acknowledges the request for rewriting the member list by the team master ⁇ ⁇ ⁇ ⁇ because the digital signature in the member list 20 is that of the team master ⁇ ⁇ .
  • Step 164 transfers C to the client CL side (Step 164 pp ⁇ 3 ⁇ ).
  • the client CL checks the digital signature in the member list 20 ⁇ , and since the digital signature is the one assigned by the team master ⁇ ⁇ ⁇ , the member CL 20 ⁇ is tampered with on the server SV ⁇ side. Confirm that it has not been performed and is valid (step S4).
  • the client performs a member change process of replacing the member MB No. in the member list 20 No. with the member MC No. to create the member list 21 No. (Step S5 No.).
  • the digital signature is deleted when the member is changed, so the client CL ⁇ adds the digital signature of the team master ⁇ ⁇ ⁇ to the member list 21 ⁇ . 22.
  • the management of the member list itself is performed by the administrator selected from the members in each team on the client CL CL side, and the server SV ⁇ side described above.
  • the system is designed to prevent unauthorized persons such as server administrators and crackers from tampering with the member list.
  • the present embodiment which will be described in detail below, is a further development based on the base technology described above, and achieves the above-described object of the present invention by incorporating the functions described below. I have. First, in order to reduce the burden on a single administrator when managing a member list of a department that has many people, a mechanism to manage the member list with multiple administrators is implemented.
  • FIG. 66 is a block diagram showing the configuration of the entire system of this embodiment including the team data list management device and the team data list storage device.
  • a team data list management device 30 3 and a team data list storage device 31 1 have a team data list management function and a team data list storage function, respectively, which will be described in detail below. Data is exchanged using the communication function.
  • Each of the team data list management device 30 ⁇ and the team data list storage device 31 1 can be realized by a general computer such as a workstation.
  • Stores programs for implementing the team data list management function and the team data list storage function (team data list management program, team data list storage program). These programs are stored in portable storage media such as floppy disks, IC (integrated circuit) cards, magneto-optical disks, CD-ROMs (compact disks—read only memory), and hard disks built into computers.
  • the program may be for realizing a part of the functions described in detail below, and further, these functions may be realized in combination with a program already recorded in the computer.
  • a team master can change a submaster or a member, or even his own team master.
  • general members other than the submaster and the team master are those who share information and functions, and have no authority to make changes to the contents of the team data list.
  • a storage device 32 # that can construct a database such as a hard disk is connected to the team data list storage device 31 # shown in FIG.
  • the storage device 32 @ 2 stores a set of a team data list including a member list 33 @ 3 and a team master list 34 @ 4 for each team composed of a plurality of members. Although only one set of the member list 33 3 and the team master list 34 4 is shown in the figure for the sake of explanation, there are actually as many as these teams.
  • Member list 33C provided to user It consists of a list of members that share information and functions that share information, such as member identification information, the public key given to the member, and the ID of the holder of the private key corresponding to this public key (hereinafter referred to as the “public key”). ID), a team ID that identifies the team, a digital signature of the list creator (ie, the team master or submaster), a timestamp indicating the time that the member list 33 was created, and a message within the team. It contains information on functions that can be used by members (for example, applications), and information on hierarchizing teams by comparing them to company organizations.
  • the member list 33 3 also includes information about each member, such as the e- mai 1 (e-mail) address and the member's own address.
  • the team master list 34 4 is composed of a list of team masters and sub-masters. Identification information of the team master or sub-master, public key, public key ID, team ID, digital signature of the team master, It includes a time stamp indicating the time when the master list 34 was created.
  • the team master list 34 4 contains information about the team, such as the number of team members, the time the team was created, and the various functions available to each member in the team. These can be used to manage information resources for each team at the same time.
  • the authority confirmation function 35 5 is requested or changed from the client CL ⁇ side to the member list 33 ⁇ ⁇ and the team master list 34 4.
  • the client CL authenticates the requester himself, and confirms whether this requester has the right to make changes or references.
  • member list 33 168 Starlist 3 4 Judge whether ⁇ ⁇ ⁇ should be transferred.
  • the list storage function 36 6 obtains these lists from the storage device 32 ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ when the authority confirmation function 35 ⁇ uses the member list 33 ⁇ and the team master list 34 ⁇ . Or the process of saving to the storage device 32 3. In the following description, it is assumed that when the authority confirmation function 35 ⁇ uses the member list 33 ⁇ or the team master list 34 ⁇ , the list storage function 36 ⁇ ⁇ always exists.
  • the list creator confirmation function 37 7 obtains the member list 33 3 or the team master list 34 4 from the team data list storage device 31 1. Verify that these lists have been created by an administrator with administrative authority (ie, team master or submaster). By this verification, it is possible to detect that an unauthorized person such as an administrator of the server SV ⁇ or a cracker who has illegally entered the server SV ⁇ has tampered with the member list 33 ⁇ ⁇ team master list 34 ⁇ . .
  • the list change function 38 is changed by adding, deleting, or replacing member managers to the member list 33 or team master list 34 obtained by the list creator confirmation function 37. Is added.
  • the digital signature function 39 9 changes the member list 33 3 and team master list 34 4 changed by the list change function 38 8 with a private key or digital signature key that only the changer can know. Digital signatures of those who modify these lists (that is, team masters or submasters) are added using the encryption and hash functions used together.
  • the public key management function 40 ⁇ accesses the public key database 41 1 connected to the team data list management device 30 ⁇ , and acquires the public key and the public key ID corresponding to the public key. .
  • the public Kagide - database 4 1 team data list managing unit 3 0 directly connected of the ⁇
  • the form that exists in a server (for example, a certificate authority) installed on a network such as the Internet can be naturally considered.
  • the public key management function 40 ⁇ accesses the public key database 41 ⁇ ⁇ ⁇ via, for example, a homepage registered on a certificate authority, and from there, stores the public key and public key ID described above in a file. It can also be obtained in the form.
  • the public key database 41 1 and the storage device 32 2 are configured separately from the team data list management device 30 ⁇ and the team data list storage device 31 1, respectively.
  • the public key database 41 1 may be included in the team data list management device 30 ⁇ , and the storage device 32 2 may be included in the team data list storage device 31 1. is there.
  • FIG. 70 shows a processing procedure for changing a member registered in the member list among operations performed when members are managed by a plurality of administrators.
  • the team data list storage device 3 1 ⁇ ⁇ ⁇
  • member MX ⁇ is registered as a team master
  • members MY ⁇ and ⁇ are registered as submasters.
  • those members for example, members , and members! ⁇ ⁇ shown in FIG. 70
  • those members are described as a team master MX ⁇ and a submaster MY ⁇ ⁇ ⁇ ⁇ , respectively.
  • the team data list management device 30 sends a change request for members to the team data list storage device 31 along with the group ID representing the team ⁇ 2 ⁇ and the user public key number of the submaster MY # (step 1).
  • Step S 1 1 ⁇ ) c In the team data list storage device 3 ⁇ , the authority confirmation function 35 ⁇ authenticates the submaster MY ⁇ ⁇ ⁇ ⁇ by the shake hand described above, and then the team specified by the group ID ⁇ 2 ⁇
  • the member list 46 ⁇ related to the user and confirming that the user public key number of the member MY ⁇ exists on the member list 46 ⁇ By referring to the team master list 45 ⁇ , the submaster MY ⁇ ⁇ Confirm that it is a submaster of team T 2 ⁇ ⁇ and has the authority to change members (step S 12 ⁇ ) 0
  • the authority confirmation function 35 ⁇ is designated
  • the team master list 45 and the membership list 46 related to the selected team ⁇ 2 ⁇ are transferred to the team data list management device 30 # (step S13).
  • the list creator confirmation function 37 7 is included in the team master list 45 5 and the member list 46 ⁇ transferred from the team data list storage device 31 1. Check the digital signatures to make sure that these lists are legitimate ones created by those registered in the Team Master List 45 ⁇ (in short, Team Masters ⁇ () S 1 4 ⁇ ) c 171
  • Team Masters ⁇ () S 1 4 ⁇ ) c 171 the details of the confirmation processing performed by the list creator confirmation function 37 ⁇ based on the tip of FIG. 71 will be described.
  • the list creator confirmation function 37 ⁇ obtains the team master list 45 ⁇ and the member list 46 ⁇ from the team data list storage device 31 ⁇ (step S 21 ⁇ ), and then, Check the digital signatures included in these two lists (Step S2 2 ⁇ ) 0 If the result of this check is that any one of the digital signatures has been tampered with, it is determined that an illegal act has occurred Cancel the current process of changing members, for example. On the other hand, if no tampering has been detected, the list creator confirmation function 37 ⁇ is assigned to the digital signature of the member list 46 ((that is, the member MX ⁇ ⁇ in FIG. 70) by the team master list 45 ⁇ .
  • Step S23 3 determines that there has been fraudulent activity and cancel the current processing in the same way as in step S22 ⁇ ( Step S23 3).
  • the list creator confirmation function 37 ⁇ subsequently checks whether the digital signer of the team master list 45 ⁇ (that is, the member ⁇ ⁇ ⁇ ⁇ in FIG. 70) is the team master (step S). 24 4)), and if it is not a team master, as in steps S2 2 ⁇ to 332.
  • the list creator confirmation function 37 3 sends the team master list 45 5 and the member list 46 6 to the list change function 38 8. 172
  • step S15 ⁇ in FIG. 70 the list change function 38 8 is described in the member list 46 6.
  • the member list 7 is created by replacing the member MB ⁇ ⁇ ⁇ with the member MC and sent to the digital signature function 9 ⁇ .
  • the digital signature function 39 ⁇ obtains the secret key of the submaster MY ⁇ from the above-mentioned secret key file and the like, and based on this obtains the member list 48 ⁇ ⁇ with the digital signature of the submaster MY ⁇ ⁇ attached to the member list 47 ⁇ .
  • the team master list 45 5 and the member list 48 8 are returned to the team data list storage device 31 1 (step S17 ⁇ ).
  • the authority confirmation function 35 5 verifies whether the transferred team master list 45 5 and member list 48 8 have been tampered with, and Verify the contents of these lists as follows.
  • the digital signer of the team master list 45 5 is the team master MX ⁇ , so its legitimacy can be understood.
  • the digital signer of the member list 48 ⁇ is the submaster MY ⁇ , and this submaster MY ⁇ ⁇ changes the member from the team master MX ⁇ by referring to the team master list 45 ⁇ that has been verified.
  • the authority confirmation function 35 ⁇ stops the processing without updating the team master list and the membership list (step S 1 8). As described above, the member change during the maintenance is performed. 173
  • step S31 In the team data list storage device 31 ⁇ , the authority confirmation function 35 ⁇ authenticates the team master MX ⁇ ⁇ ⁇ by the shake hand according to the same procedure as described in step S 12 ⁇ of FIG. 70. Check that the user public key number of member MX ⁇ is listed in member list 46 ⁇ , and that member MX ⁇ ⁇ is the team master of team ⁇ 2 ⁇ ⁇ and is authorized to change submasters Make sure (step ⁇ 32 2). Next, the authority confirmation function 35 ⁇ transfers the team master list 45 ⁇ and the membership list 46 ⁇ to the team data list management device 30 ⁇ ⁇ in the same manner as in step S 13 ⁇ of FIG. 70 ( Step S33 3).
  • the list creator confirmation function 37 # checks the digital signature included in the transferred team master list 45 #. As a result, the list creator confirmation function 37 7 confirms that this team master list 45 5 is legitimate created by the team master member MX ⁇ , and the team master list 45 5 And member squirrels 174 (4) is passed to the list change function 38 (step S34).
  • the list change function 3 8 ⁇ creates a team master list 5 1 ⁇ in which the submaster ⁇ ⁇ ⁇ described in the team master list 4 5 ⁇ has been replaced with the submaster MWC, and uses this digital signature function 3 9 9 (Step S35 ⁇ ).
  • the digital signature function 39 9 obtains the secret key of the team master MX ⁇ from the above-mentioned secret key file, etc., and adds the digital signature of the team master MX ⁇ to the member list 51 1.
  • the team master list 52 and the member list 46 are returned to the team data list storage unit 31 (step S37).
  • the authority confirmation function 35 5 stores the contents of the transferred team master list 52 2 and member list 46 6 in the same manner as in step S18 ⁇ in Fig. 70. Verify according to the procedure. In this case, the digital signers of the team master list 52 2 and the member list 46 ⁇ are both team master MX ⁇ , so their legitimacy can be understood.
  • the authority confirmation function 35 5 stops processing without updating the team master list and the member list (step ⁇ 38 8). .
  • the submaster in the team master list has been changed.
  • the original digital signature of the member list 46 ⁇ was that of the team master MX ⁇ , but there is no problem if this is the digital signature of the submaster MY ⁇ .
  • the team master MX ⁇ who has the authority to change the submaster can always give his / her digital signature to the member list 46 ⁇ . Therefore, in this case, the digital data of the submaster MY ⁇ is read from the member list 46 ⁇ on the team data list management device 30 side.
  • the team master list 45 5 stored in the team data list storage device 31 ⁇ is the same as that shown in Fig. 70 or 72, and the member list 48 8 is shown in Fig. 70. It is the same as the one after the member change.
  • the list creator confirmation function 37 ⁇ is as shown in FIG.
  • Step S41 1 the authority confirmation function 35 5 authenticates the member MX ⁇ ⁇ ⁇ by the shake hand according to the same procedure as described in step S 12 ⁇ of FIG. 70. Confirm that the user public key number of the member MX is in the member list 48, and that the member MX is the team master of the team 2 and has the reference authority for the requested list. Check that is given (step S42 4). 176
  • the authority confirmation function 35 5 is executed in the same way as in step S13 ⁇ in Fig. 70 by using the team master list 45 5 and the member list 48 8 regarding the specified team ⁇ 2 ⁇ as the team data list.
  • the data is transferred to the management device 30 (step S43).
  • the authority confirmation function 35 ⁇ saves the team master list 45 ⁇ for use in the authority confirmation performed later.
  • the list creator confirmation function 37 # examines the digital signatures of the transferred team master list 45 # and member list 48 #, and each of them checks the digital signature. Confirm that they are legitimate ones created by the team masters MX ⁇ and submaster MY ⁇ included in the team master list 45 ⁇ (step ⁇ 44 4).
  • the list creator confirmation function passes the transferred two lists to the list change function 38 8.
  • the digital signature function 39 9 obtains the secret key of the team master MX ⁇ from the above-mentioned secret key file, etc., and attaches the digital signature of the team master MX ⁇ to the team master list 55 5 and the member list 56 ⁇ ⁇ ⁇ ⁇ , respectively.
  • the created team master list 57 7 and member list 58 ⁇ ⁇ are created and returned to the team data list storage device 31 1 (step ⁇ 46 6).
  • the authority confirmation function 3 5 ⁇ is composed of the transferred two lists and the team master list 4 5 ⁇ ⁇ ⁇ stored in the previous step S 4 3 ⁇ (that is, Old team master list)
  • the authority is confirmed in accordance with the flowchart shown in FIG. 74 (step S47 ⁇ ).
  • FIG. 75 shows a state of the team master list member list which is compared and collated in each step of FIG. 74 when such authority confirmation is performed.
  • the authority confirmation function 35 ⁇ obtains the team master lists 57 ⁇ and 45 ⁇ ⁇ ⁇ as the new and old team master lists, respectively, and obtains the member list 58 ⁇ as the new member list (step S 6). 1)).
  • the authority confirmation function 35 ⁇ checks the digital signatures of the team master list 57 7 and the member list 58 8, respectively (step ⁇ 62 2). If any of them has been tampered with, these two lists are transferred from the team data list management device 30 (client CL) to the team data list storage device 31 (server SVC).
  • Authority check function 35 5 ⁇ stops the process of changing the team master because a fraudulent activity occurred during the process.
  • the authority checking function 35 5 checks the digital signature of the new team master list 57 7 and finds the digital signature of the old team master list 4. 5 Confirm that the digital signature is from the same team master ⁇ ⁇ ⁇ as the digital signer (Step S 63 ⁇ ) c. This is to confirm that the authority has been delegated from the person who was originally the team master If the result of the determination in step S63 ⁇ becomes "NO", it is considered that there is an illegal act due to a violation of authority or the like, and the process of changing the team master is stopped.
  • step S64 it is checked whether the digital signer of the new team master list 57 ⁇ has master authority (step S64). For example, in the member change described in Fig. 70 described above, the digital signature of the team master list 45 ⁇ is obtained by the member MX ⁇ ⁇ ⁇ who has master authority, which means that the team The same applies to master 52 5 (that is, if the determination result of step ⁇ 64 4 is “YES”). On the other hand, in the case where the team master itself is changed, the processing time of step S47 ⁇ in FIG.
  • step S64 corresponds to the transition period in which the authority is delegated from the member MX ⁇ to the member ⁇ ⁇ , and the team master list is changed.
  • 57 7 is in a transitional state where the new administrator member ⁇ ⁇ is the master and the old administrator member MX ⁇ ⁇ ⁇ ⁇ is digitally signed, and the digital signer of the team master list 57 ⁇ is the master. Looks like you don't have star power. If such a state is detected and the change of the team master itself is recognized (judgment result in step S64 "is“ NO ”), the authority confirmation function 35 5 checks the digital signature of the new member list 58 8.
  • step ⁇ 65 5 The power that the digital signature is included in the new Team Master List 57 ⁇ , or is it the digital signer of either the new or old Team Master List 57 7 or 45 4? Check if (step ⁇ 65 5). If none of the conditions is satisfied, it is considered that an illegal act such as tampering has occurred, and the authority confirmation function 35 ⁇ stops the team master change process. Furthermore, in this case, since the digital signer of the member list 58 8 is the same as the digital signer of the new and old team master lists 57 7 and 45 5, the authority confirmation function 35 5 requires the formal procedure. It can be determined that the member list has been created. Through the processing of steps S62 2 to ⁇ 65 5 described above, the team master MX with proper authority can perform team operations in a normal operation.
  • the authority confirmation function 35 # sends the new and old team master lists 57 #, 45 # and the membership list 58 # to the team data list management device 30 # (step S48). Subsequent processing is performed under the direction of the new team master MK ⁇ , and the digital signature of the team master list 57 7 and member list 58 8 is written with the digital signature of the team master M M. This is the process for replacement.
  • the list creator confirmation function 57 7 confirms the digital signature included in each transferred list (step ⁇ 49 9).
  • the list creator confirmation function 37 7 confirms that the digital signatures of the old team master list 45 5 and the new member list 58 8 have not been altered, and then the new and old team master list 5 7 Check whether the digital signatures of 7 ⁇ and 45 5 match each other, and further, based on the contents of the old team master list 45 ⁇ , member MX ⁇ who is the digital signer of the list is assigned to the team. Check if you have master authority. In this case, since all three conditions described above are satisfied, the list creator confirmation function 37 ⁇ changes the team master list 57 7 and the member list 58 ⁇ ⁇ to the list change function 3 8 Hand over to ⁇ .
  • the list change function 38 8 creates a team master list 59 9 and a member list 60 ⁇ based on the team master list 57 7 and the member list 58 ⁇ , and creates a digital signature function 39 9. Pass to.
  • the digital signature function 39 ⁇ obtains the private key for member ⁇ ⁇ ⁇ from the above-mentioned private key file and attaches the digital signature of member ⁇ ⁇ to each of the team master list 59 ⁇ and member list 60 ⁇ ⁇ ⁇ . Create a team master list 61 1 and a member list 62 2 and return these lists to the team data list storage device 31 3 180 steps S50 ⁇ ).
  • authorization check function 3 5 zeta authority in accordance with the processing procedure shown in FIG. 7 4 against team master list 6 1 zeta and Menbarisu DOO 6 2 zeta which is transferred Check it (Step S51).
  • the digital signers of these two lists are all team master MKs, it can be determined that these two lists are both valid.
  • the determination result in step S64 6 in FIG. 74 is “YES”.
  • the authority confirmation function 35 ⁇ stops the processing without updating the team master list and the member list. This means that the team master itself has been changed.
  • the team data list management device 30 ⁇ and the team data list storage device 31 1 are member-listed.
  • the list creator checks the team data list management device 30 ⁇ and the team data list storage device 31 1 as follows. Is performed. First, when there is a member list reference request from the team data list management device 30 ⁇ , the team data list storage device 31 1 reads the old team master list 45 5 and the new member list 58 8 from the team data list. Transfer to management device 30 #.
  • the list creator confirmation function 37 7 confirms whether the digital signatures of the two transferred lists have been tampered with, and then checks the old team master list 4 5 Based on the contents of ⁇ , the digital signer of the list (member MX ⁇ in Fig. 73) Check that you have the required permissions. On the other hand, if there is a member list change request or a master change request from the team data list management device 30 #, the team data list storage device 31 # will store the new and old team master lists 57, 45 5 and the new Transfer the member list 58 8 to the team data list management device 30 ⁇ .
  • the list creator confirmation function 37 checks whether the digital signatures of the two transferred lists have been tampered with. Confirm. Next, the list creator confirmation function 37 ⁇ compares the digital signatures of the new and old team master lists 57 7 and 45 5 with each other to confirm whether they match. Next, the list creator confirmation function 37 7 confirms whether the digital signer of the old team master list 45 ⁇ has team master authority, as in the case of the membership reference request.
  • each time the team data list is used the user needs to confirm on the client CL side whether the team master is genuinely genuine.
  • the user needs to confirm on the client CL side whether the team master is genuinely genuine.
  • the display of the computer that composes the team data list management device 30 # "This list is normally managed by the following members as an administrator. Name: Member MX #, organization : Mitsubishi Materials Corporation.
  • the following functions are added as new functions that cooperate with the list creator confirmation function 37 7, or are combined as a function of the list creator confirmation function 37 7. 182 The problem is solved.
  • the public key of the team master is registered in advance, for example, in the public key database 41 (see FIG. 66) on the client CL ⁇ side for each team, and the public key management function 40 ⁇ is registered in the public key database 41.
  • the public key database 41 (see FIG. 66) on the client CL ⁇ side for each team, and the public key management function 40 ⁇ is registered in the public key database 41.
  • a serial number or the like for identifying the public key is registered in the public key database 41 as information on the public key, and the public key management function 40 stores the serial number in the public key database 41.
  • the list creator confirmation function 3 7 uses the team master's public key notified from the public key management function 40 ⁇ instead of sending the above-mentioned message on the computer display.
  • the list creator confirmation function 37 ⁇ uses the team master's public key notified from the public key management function 40 ⁇ instead of sending the above-mentioned message on the computer display.
  • the public key of member MX ⁇ who is the former administrator should no longer be used. Can not be done. Therefore, the public key of the team master registered on the client 183 need to change automatically.
  • the following process should be performed after the final team master list 61 ⁇ (see FIG. 73) is created (that is, after step S51 ⁇ ). Good.
  • the authority confirmation function 35 ⁇ is replaced with the old team master list, the transitional team master list, and the final team master list (that is, the team master list 45 ⁇ ).
  • the list creator confirmation function 37 ⁇ registers the member MX ⁇ ⁇ ⁇ as the team master in the public key database 41 ⁇ through the public key management function 40 ⁇ . Know that you are.
  • the list creator confirmation function 37 ⁇ is based on the three lists transferred from the team data list storage device 31 ⁇ . It can be confirmed that authority has been delegated to the barrel member ⁇ ⁇ ⁇ .
  • the team masters registered in the team master lists 45 ⁇ , 57 ⁇ , and 61 ⁇ respectively transition from member MX ⁇ to member ⁇ ⁇ ⁇ ⁇ ⁇ to member ⁇ ⁇ ⁇ ⁇ ⁇ ⁇ .
  • the list creator confirmation function 37 7 uses the public key management function 40 ⁇ to interrogate the public key of the person registered as the team master in the public key database 41 1 from the member MX ⁇ . Change to member ⁇ ⁇ ⁇ . Since the change of the team master is not so complicated, the user may be asked to confirm the change when performing the change process. In addition, various information other than the public key can be used for confirming the team master. 184
  • the team data list management program consists of (1) members who notify the information for identifying and authenticating the instructor who issues the change instruction to a predetermined request destination and share resources with each other.
  • a digital signature is created, and the computer performs a digital signature process in which the digital signature is attached to the team data list changed in the list change process and sent to the request destination.
  • the above-mentioned team data list management program may further comprise: at least one member list including at least member information on the member and a digital signature of the master; master information indicating authority of the master; The master A master list containing at least 185 digital signatures is used as the team data list.
  • the master includes a team master having a right to change the master list
  • the change instruction is a change instruction of the team master
  • the confirmation processing is Transmitting the changed member list and master list to the request destination; and transmitting the changed member list and master list included in the transition period member list and the transition period master list returned from the request destination in response to the process.
  • the digital signature processing further includes a process of creating a digital signature of the team master after the change specified by the change instruction, Sending back the new member list and the new master list with the digital signature to the master list in the transition period to the request destination. It may have.
  • the above-described team data list management program includes a process of acquiring identification information for identifying the team master from a predetermined location and registering the identification information in advance, the identification information of the team master and the request destination. A process of confirming whether or not the digital signature of the master is the digital signature of the team master based on the digital signature of the master included in the member list and the master list transmitted from the master list.
  • the program may be executed by a computer.
  • the above-mentioned team data list management program is configured so that, based on the master list acquired at the time of the change instruction, the transition of the master list during the transition period and the transition of the contents of the new master list, the team master A process of confirming that the change has been made through a formal procedure; and if the change has been confirmed, acquiring the identification information of the changed team master specified in the change instruction, and registering in advance with the identification information.
  • To update the identified team master identification information before the change 186 may be further executed by a computer.
  • the team data storage program includes: (1) information relating to a team composed of members sharing resources with each other and a master having management authority for the information; (2) When a reference request is sent from a predetermined request source, a storage process for storing in advance a team data list prepared according to the authority of members belonging to the team.
  • the storage processing may include a step of storing in advance one or more member lists including at least member information regarding the members and a digital signature of the master.
  • the computer may execute a process of storing in advance master information indicating the authority of the master and a master list including at least the digital signature of the master.
  • the master includes a team master having an authority to change the master list, and the authority confirmation processing is performed by the instructor from the request source to the team master.
  • the master list before the change is saved as the old master list 187, and sends the master list and the membership list to the request source in response to a request from the request source, and, out of these lists, the master list in the transition period in which information on the team master is changed.
  • New master to which the digital signature of the changed team master specified in the change instruction is attached to these lists Receiving the list and the new member list from the request source and confirming the validity, and updating the stored member list and the stored master list only when the validity is confirmed. It is good even if it causes the computer to further execute the processing.
  • the invention of the sixth embodiment has the following effects.
  • a team data list such as a master list and a member list stored in a server or the like is obtained, and these lists are acquired by the master having authority. After confirming that the list is created properly, the list is modified and returned to the request destination. From this, it is possible to detect that unauthorized members, such as general members other than the master, server administrators, crackers, etc., have manipulated the team data list.
  • the team master itself can change the team master, an administrator such as a server storing the team data list is required. 188 Delegate authority of team master without intervention.
  • a system in which a plurality of managers manage the team data list can be realized, it is possible to reduce the burden on a small number of managers.
  • the digital signature of the master is included in the team data list, it is possible to detect an illegal act such as falsification performed on the team data list.
  • the authority check is performed to determine whether or not the instructing person who made these requests has the authority. It is possible to prevent unauthorized acts by unauthorized persons.
  • information for identifying and authenticating the team master such as a public key
  • the team master is changed.
  • the public key of the registered team master is updated as appropriate. For this reason, each time the team data list is operated, the user himself / herself does not need to visually confirm the team master, and the troublesome work of the user becomes unnecessary, and the approval of the team master can be automatically performed.
  • the “computer system” includes an OS and hardware such as peripheral devices.
  • the “computer-readable recording medium” refers to a general-purpose medium such as a floppy disk, a magneto-optical disk, a ROM, a CD-ROM, and a storage device such as a hard disk incorporated in a computer system.
  • a “computer-readable recording medium” is a dynamic medium for a short time, such as a communication line for transmitting a program through a network such as the Internet or a communication line such as a telephone line.
  • One that holds the program transmission medium, transmission wave
  • server / client In that case This includes programs that hold programs for a certain period of time, such as volatile memory inside a computer system.
  • the above-mentioned program may be for realizing a part of the above-mentioned functions, and may be for realizing the above-mentioned functions in combination with a program already recorded in the computer system. Is also good.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un système de partage d'informations, comprenant un dispositif de support d'informations destiné à porter la signature numérique d'un chef d'équipe, d'une liste de membres, d'une liste de clés communes, de données cryptées; un dispositif de codage/cryptage fourni avec une unité de stockage, destinée à stocker une clé publique de membre; une unité de cryptage destinée à générer des données de cryptage sur des informations d'entrée; une unité de création de clé cryptée destinée à crypter la clé commune, à l'aide de la clé publique de tierce partie, et à créer une clé cryptée; une unité de transfert destinée à transférer la clé cryptée et les données cryptées vers le dispositif de support d'informations; une unité de gestion de liste destinée à acquérir la liste des membres du dispositif de support d'informations, en déterminant si la signature numérique du chef d'équipe correspond ou non à une signature numérique spécifiée, et à transférer la liste modifiée vers le dispositif de support d'informations uniquement si la signature du chef d'équipe correspond à la signature numérique spécifiée; et une unité de décodage permettant de restaurer la clé commune à partir des informations de clé cryptée, et de décoder les données cryptées au moyen de la clé commune obtenue par le décodage.
PCT/JP1999/002510 1998-05-18 1999-05-14 Systeme de partage d'informations WO1999060749A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP99919583A EP1083699A1 (fr) 1998-05-18 1999-05-14 Systeme de partage d'informations

Applications Claiming Priority (12)

Application Number Priority Date Filing Date Title
JP10/135502 1998-05-18
JP10135502A JPH11331145A (ja) 1998-05-18 1998-05-18 情報共有システム、情報保管装置およびそれらの情報処理方法、並びに記録媒体
JP10227410A JP2000059358A (ja) 1998-08-11 1998-08-11 情報改竄検知装置および改竄検知プログラムを記録したコンピュータ読み取り可能な記録媒体
JP10/227410 1998-08-11
JP10307658A JP2000134195A (ja) 1998-10-28 1998-10-28 暗号化装置、復号化装置、方法及びその記録媒体
JP10/307658 1998-10-28
JP10/309223 1998-10-29
JP10309223A JP2000137435A (ja) 1998-10-29 1998-10-29 チームデータリスト管理装置及びチームデータリスト保管装置及びチームデータリスト処理システム、並びに、それらの記録媒体
JP10372187A JP2000196583A (ja) 1998-12-28 1998-12-28 同報通信システム
JP10/372187 1998-12-28
JP11/29384 1999-02-05
JP11029384A JP2000227879A (ja) 1999-02-05 1999-02-05 チームデータリスト管理装置及びチームデータリスト保管装置及びチームデータリスト処理システム、並びに、それらの記録媒体

Publications (2)

Publication Number Publication Date
WO1999060749A1 true WO1999060749A1 (fr) 1999-11-25
WO1999060749A8 WO1999060749A8 (fr) 2000-04-27

Family

ID=27549456

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP1999/002510 WO1999060749A1 (fr) 1998-05-18 1999-05-14 Systeme de partage d'informations

Country Status (2)

Country Link
EP (1) EP1083699A1 (fr)
WO (1) WO1999060749A1 (fr)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009526305A (ja) * 2006-02-10 2009-07-16 サムスン エレクトロニクス カンパニー リミテッド デバイスでdrmコンテンツをローミングして使用する方法および装置
CN115174152A (zh) * 2022-06-08 2022-10-11 中国科学院信息工程研究所 一种群组测试认证加密方法、验证解密方法及通信方法
US20230094255A1 (en) * 2021-09-27 2023-03-30 7-Eleven, Inc. Autonomous delivery mechanism data integration in an application platform
CN118590326A (zh) * 2024-08-06 2024-09-03 北京清水爱派建筑设计股份有限公司 一种多平台协同建筑设计过程中数据安全共享方法及系统

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPWO2002080447A1 (ja) * 2001-03-29 2004-07-22 ソニー株式会社 情報処理装置
US8468209B2 (en) 2003-09-18 2013-06-18 International Business Machines Corporation Method of rescinding previously transmitted e-mail messages
EP1714459B1 (fr) * 2004-02-13 2016-08-03 Nokia Technologies Oy Acces a des donnees protegees dans une memoire reseau a partir de multiples dispositifs
WO2006083141A1 (fr) * 2005-02-07 2006-08-10 Samsung Electronics Co., Ltd. Procede de gestion de cles dans lequel est utilisee une topologie nodale hierarchisee, et procede d'enregistrement et de retrait d'enregistrement d'un utilisateur dans lequel est utilise ledit procede de gestion de cles
KR100636228B1 (ko) 2005-02-07 2006-10-19 삼성전자주식회사 계층적인 노드 토폴로지를 이용한 키 관리 방법 및 이를이용한 사용자 등록 및 등록해제 방법
EP2104269A1 (fr) 2008-03-17 2009-09-23 Robert Bosch Gmbh Unité de contrôle électronique et procédé de vérification d'intégrité de données
DE202008007826U1 (de) 2008-04-18 2008-08-28 Samedi Gmbh Anordnung zum sicheren Austausch von Daten zwischen Dienstleister und Kunde, insbesondere zur Terminplanung
US20160057466A1 (en) * 2014-08-21 2016-02-25 Real Image Media Technologies Pvt. Ltd. System and Method for Controlling Digital Cinema Content Distribution
CN107819585B (zh) * 2017-11-17 2020-08-25 武汉理工大学 Sm9数字签名协同生成方法及系统
KR102357698B1 (ko) * 2020-02-24 2022-02-14 황순영 부분 해시값을 이용한 개인키 관리 방법
US11595207B2 (en) 2020-12-23 2023-02-28 Dropbox, Inc. Utilizing encryption key exchange and rotation to share passwords via a shared folder

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH07200617A (ja) * 1994-01-10 1995-08-04 Nippon Telegr & Teleph Corp <Ntt> 共有情報参照権限制御方法
JPH07245605A (ja) * 1994-03-03 1995-09-19 Fujitsu Ltd 暗号化情報中継装置とそれに接続される加入者端末装置ならびに暗号通信方法
JPH09252323A (ja) * 1996-01-11 1997-09-22 Sony Corp 通信システムおよび通信装置
JPH1013403A (ja) * 1996-06-21 1998-01-16 Nec Corp データ管理システム
JPH1040155A (ja) * 1996-07-24 1998-02-13 Fujitsu Ltd データベース管理システム

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH07200617A (ja) * 1994-01-10 1995-08-04 Nippon Telegr & Teleph Corp <Ntt> 共有情報参照権限制御方法
JPH07245605A (ja) * 1994-03-03 1995-09-19 Fujitsu Ltd 暗号化情報中継装置とそれに接続される加入者端末装置ならびに暗号通信方法
JPH09252323A (ja) * 1996-01-11 1997-09-22 Sony Corp 通信システムおよび通信装置
JPH1013403A (ja) * 1996-06-21 1998-01-16 Nec Corp データ管理システム
JPH1040155A (ja) * 1996-07-24 1998-02-13 Fujitsu Ltd データベース管理システム

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
APPLIED CRYPTOGRAPHY SECOND EDITION, "3.1 Key Exchange" (U.S.), John Wiley & Sons, Inc., (1996), pages 47-52. *
MASAHIRO MITSUYASU, EIJI OKAMOTO: "Kagi haisou, kagi kanri to ninshou", BIT, vol. 28, no. 8, August 1996 (1996-08-01), pages 87 - 95 *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009526305A (ja) * 2006-02-10 2009-07-16 サムスン エレクトロニクス カンパニー リミテッド デバイスでdrmコンテンツをローミングして使用する方法および装置
US9300668B2 (en) 2006-02-10 2016-03-29 Samsung Electronics Co., Ltd. Method and apparatus for roaming digital rights management content in device
US20230094255A1 (en) * 2021-09-27 2023-03-30 7-Eleven, Inc. Autonomous delivery mechanism data integration in an application platform
US12062004B2 (en) * 2021-09-27 2024-08-13 7-Eleven, Inc. Autonomous delivery mechanism data integration in an application platform
CN115174152A (zh) * 2022-06-08 2022-10-11 中国科学院信息工程研究所 一种群组测试认证加密方法、验证解密方法及通信方法
CN118590326A (zh) * 2024-08-06 2024-09-03 北京清水爱派建筑设计股份有限公司 一种多平台协同建筑设计过程中数据安全共享方法及系统

Also Published As

Publication number Publication date
EP1083699A1 (fr) 2001-03-14
WO1999060749A8 (fr) 2000-04-27

Similar Documents

Publication Publication Date Title
US11038670B2 (en) System and method for blockchain-based cross-entity authentication
US11025435B2 (en) System and method for blockchain-based cross-entity authentication
EP3814948B1 (fr) Système et procédé d&#39;authentification d&#39;interentité basée sur une chaîne de blocs
EP3788523B1 (fr) Système et procédé d&#39;authentification inter-entités basée sur une chaîne de blocs
US6092201A (en) Method and apparatus for extending secure communication operations via a shared list
US7644268B2 (en) Automated electronic messaging encryption system
US5774552A (en) Method and apparatus for retrieving X.509 certificates from an X.500 directory
KR100734737B1 (ko) 조건부 전자 서명의 생성 방법, 조건부 전자 서명의 검증 방법, 데이터 처리 장치 및 컴퓨터 판독 가능 기록 매체
AU2002230823B2 (en) Method and system for obtaining digital signatures
US6792531B2 (en) Method and system for revocation of certificates used to certify public key users
US6438690B1 (en) Vault controller based registration application serving web based registration authorities and end users for conducting electronic commerce in secure end-to-end distributed information system
US20020032857A1 (en) Person identification certificate link system, information processing apparatus, information processing method, and program providing medium
US6215872B1 (en) Method for creating communities of trust in a secure communication system
CN103124981A (zh) 电子文档分发系统和电子文档分发方法
JP4040886B2 (ja) コンテンツ管理システムおよびコンテンツ管理方法
WO1999060749A1 (fr) Systeme de partage d&#39;informations
KR102015386B1 (ko) 전자 메일 배달의 인증을 위한 방법
JP2000196583A (ja) 同報通信システム
US6795920B1 (en) Vault controller secure depositor for managing secure communication
US7716478B2 (en) Method and device for data protection
López et al. Hierarchical organization of certification authorities for secure environments
KR20240039076A (ko) 디지털인감증명과 블록체인 기반의 내용증명 방법
Bai et al. Access revocation and prevention of false repudiation in secure email exchanges
Lipp et al. The digital signature initiative
Hutchison Security in group applications: Lotus Notes as case study

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: C1

Designated state(s): US

AL Designated countries for regional patents

Kind code of ref document: C1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

WR Later publication of a revised version of an international search report
WWE Wipo information: entry into national phase

Ref document number: 1999919583

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1999919583

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 09700390

Country of ref document: US

WWW Wipo information: withdrawn in national office

Ref document number: 1999919583

Country of ref document: EP

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载